Nuget Package Manager Tampering Vulnerability in ASP.NET core- CVE-2019-0757ID: oval:org.secpod.oval:def:65714 | Date: (C)2020-09-29 (M)2023-11-29 |
Class: VULNERABILITY | Family: windows |
A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated attacker to modify a NuGet package's folder structure. An attacker who successfully exploited this vulnerability could potentially modify files and folders that are unpackaged on a system. To exploit this vulnerability, an attacker would need to log on to the affected system and tamper with the folder contents of a package prior to building or installation of an application.
Platform: |
Microsoft Windows 10 |
Microsoft Windows 7 |
Microsoft Windows 8.1 |
Microsoft Windows Server 2008 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows Server 2012 |
Microsoft Windows Server 2012 R2 |
Microsoft Windows Server 2016 |
Microsoft Windows Server 2019 |
Product: |
Microsoft ASP .NET core 1.0 |
Microsoft ASP .NET core 1.1 |
Microsoft ASP .NET core 2.1 |
Microsoft ASP .NET core 2.2 |