vulnerability
Oracle Linux: CVE-2019-0757: ELSA-2019-1259: dotnet security, bug fix, and enhancement update (IMPORTANT)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:L/AC:L/Au:S/C:C/I:C/A:C) | 03/12/2019 | 07/22/2024 | 01/07/2025 |
Severity
7
CVSS
(AV:L/AC:L/Au:S/C:C/I:C/A:C)
Published
03/12/2019
Added
07/22/2024
Modified
01/07/2025
Description
A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated attacker to modify a NuGet package's folder structure, aka 'NuGet Package Manager Tampering Vulnerability'.
A flaw was found in dotnet. A tampering vulnerability exists in NuGet software when executed in a Linux or Mac environment. An attacker who successfully exploits the vulnerability could run arbitrary code in the context of the current user. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
A flaw was found in dotnet. A tampering vulnerability exists in NuGet software when executed in a Linux or Mac environment. An attacker who successfully exploits the vulnerability could run arbitrary code in the context of the current user. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Solution(s)
oracle-linux-upgrade-dotnetoracle-linux-upgrade-dotnet-hostoracle-linux-upgrade-dotnet-host-fxr-2-1oracle-linux-upgrade-dotnet-runtime-2-1oracle-linux-upgrade-dotnet-sdk-2-1oracle-linux-upgrade-dotnet-sdk-2-1-5xx
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.