ID

VAR-201904-0811


CVE

CVE-2019-0757


TITLE

plural Microsoft Product Linux and Mac For NuGet Package Manager Vulnerabilities to be tampered with

Trust: 0.8

sources: JVNDB: JVNDB-2019-002673

DESCRIPTION

A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated attacker to modify a NuGet package's folder structure, aka 'NuGet Package Manager Tampering Vulnerability'. Microsoft NuGet is prone to a security bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. Bug Fix(es): * dotnet: new SocketException((int)SocketError.InvalidArgument).Message is empty (BZ#1712471) 4. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: .NET Core on Red Hat Enterprise Linux security update for March 2019 Advisory ID: RHSA-2019:0544-01 Product: .NET Core on Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2019:0544 Issue date: 2019-03-13 CVE Names: CVE-2019-0757 ==================================================================== 1. Summary: Updates for rh-dotnetcore10-dotnetcore, rh-dotnetcore11-dotnetcore, rh-dotnet21-dotnet, and rh-dotnet22-dotnet are now available for .NET Core on Red Hat Enterprise Linux. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 .NET Core on Red Hat Enterprise Linux Server (v. 7) - x86_64 .NET Core on Red Hat Enterprise Linux Workstation (v. 7) - x86_64 3. Description: .NET Core is a managed-software framework. It implements the .NET standard APIs and several additional APIs, and it includes a CLR implementation. New versions of .NET Core that address security vulnerabilities are now available. The updated versions are .NET Core 1.0.15, 1.1.12, 2.1.9, and 2.2.3. (CVE-2019-0757) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. For more information, please refer to the upstream doc in the References section. 4. Solution: For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1685475 - CVE-2019-0757 dotnet: NuGet Tampering Vulnerability 1685718 - Update to .NET Core Runtime 2.2.3 and SDK 2.2.105 1685720 - Update to .NET Core Runtime 2.1.9 and SDK 2.1.505 6. Package List: .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7): Source: rh-dotnetcore10-dotnetcore-1.0.15-1.el7.src.rpm x86_64: rh-dotnetcore10-dotnetcore-1.0.15-1.el7.x86_64.rpm rh-dotnetcore10-dotnetcore-debuginfo-1.0.15-1.el7.x86_64.rpm .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7): Source: rh-dotnetcore11-dotnetcore-1.1.12-1.el7.src.rpm x86_64: rh-dotnetcore11-dotnetcore-1.1.12-1.el7.x86_64.rpm rh-dotnetcore11-dotnetcore-debuginfo-1.1.12-1.el7.x86_64.rpm .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7): Source: rh-dotnet21-2.1-8.el7.src.rpm rh-dotnet21-dotnet-2.1.505-1.el7.src.rpm x86_64: rh-dotnet21-2.1-8.el7.x86_64.rpm rh-dotnet21-dotnet-2.1.505-1.el7.x86_64.rpm rh-dotnet21-dotnet-debuginfo-2.1.505-1.el7.x86_64.rpm rh-dotnet21-dotnet-host-2.1.9-1.el7.x86_64.rpm rh-dotnet21-dotnet-runtime-2.1-2.1.9-1.el7.x86_64.rpm rh-dotnet21-dotnet-sdk-2.1-2.1.505-1.el7.x86_64.rpm rh-dotnet21-dotnet-sdk-2.1.5xx-2.1.505-1.el7.x86_64.rpm rh-dotnet21-runtime-2.1-8.el7.x86_64.rpm .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7): Source: rh-dotnet22-2.2-4.el7.src.rpm rh-dotnet22-dotnet-2.2.105-1.el7.src.rpm x86_64: rh-dotnet22-2.2-4.el7.x86_64.rpm rh-dotnet22-dotnet-2.2.105-1.el7.x86_64.rpm rh-dotnet22-dotnet-debuginfo-2.2.105-1.el7.x86_64.rpm rh-dotnet22-dotnet-host-2.2.3-1.el7.x86_64.rpm rh-dotnet22-dotnet-host-fxr-2.2-2.2.3-1.el7.x86_64.rpm rh-dotnet22-dotnet-runtime-2.2-2.2.3-1.el7.x86_64.rpm rh-dotnet22-dotnet-sdk-2.2-2.2.105-1.el7.x86_64.rpm rh-dotnet22-dotnet-sdk-2.2.1xx-2.2.105-1.el7.x86_64.rpm rh-dotnet22-runtime-2.2-4.el7.x86_64.rpm .NET Core on Red Hat Enterprise Linux Server (v. 7): Source: rh-dotnetcore10-dotnetcore-1.0.15-1.el7.src.rpm x86_64: rh-dotnetcore10-dotnetcore-1.0.15-1.el7.x86_64.rpm rh-dotnetcore10-dotnetcore-debuginfo-1.0.15-1.el7.x86_64.rpm .NET Core on Red Hat Enterprise Linux Server (v. 7): Source: rh-dotnetcore11-dotnetcore-1.1.12-1.el7.src.rpm x86_64: rh-dotnetcore11-dotnetcore-1.1.12-1.el7.x86_64.rpm rh-dotnetcore11-dotnetcore-debuginfo-1.1.12-1.el7.x86_64.rpm .NET Core on Red Hat Enterprise Linux Server (v. 7): Source: rh-dotnet21-2.1-8.el7.src.rpm rh-dotnet21-dotnet-2.1.505-1.el7.src.rpm x86_64: rh-dotnet21-2.1-8.el7.x86_64.rpm rh-dotnet21-dotnet-2.1.505-1.el7.x86_64.rpm rh-dotnet21-dotnet-debuginfo-2.1.505-1.el7.x86_64.rpm rh-dotnet21-dotnet-host-2.1.9-1.el7.x86_64.rpm rh-dotnet21-dotnet-runtime-2.1-2.1.9-1.el7.x86_64.rpm rh-dotnet21-dotnet-sdk-2.1-2.1.505-1.el7.x86_64.rpm rh-dotnet21-dotnet-sdk-2.1.5xx-2.1.505-1.el7.x86_64.rpm rh-dotnet21-runtime-2.1-8.el7.x86_64.rpm .NET Core on Red Hat Enterprise Linux Server (v. 7): Source: rh-dotnet22-2.2-4.el7.src.rpm rh-dotnet22-dotnet-2.2.105-1.el7.src.rpm x86_64: rh-dotnet22-2.2-4.el7.x86_64.rpm rh-dotnet22-dotnet-2.2.105-1.el7.x86_64.rpm rh-dotnet22-dotnet-debuginfo-2.2.105-1.el7.x86_64.rpm rh-dotnet22-dotnet-host-2.2.3-1.el7.x86_64.rpm rh-dotnet22-dotnet-host-fxr-2.2-2.2.3-1.el7.x86_64.rpm rh-dotnet22-dotnet-runtime-2.2-2.2.3-1.el7.x86_64.rpm rh-dotnet22-dotnet-sdk-2.2-2.2.105-1.el7.x86_64.rpm rh-dotnet22-dotnet-sdk-2.2.1xx-2.2.105-1.el7.x86_64.rpm rh-dotnet22-runtime-2.2-4.el7.x86_64.rpm .NET Core on Red Hat Enterprise Linux Workstation (v. 7): Source: rh-dotnetcore10-dotnetcore-1.0.15-1.el7.src.rpm x86_64: rh-dotnetcore10-dotnetcore-1.0.15-1.el7.x86_64.rpm rh-dotnetcore10-dotnetcore-debuginfo-1.0.15-1.el7.x86_64.rpm .NET Core on Red Hat Enterprise Linux Workstation (v. 7): Source: rh-dotnetcore11-dotnetcore-1.1.12-1.el7.src.rpm x86_64: rh-dotnetcore11-dotnetcore-1.1.12-1.el7.x86_64.rpm rh-dotnetcore11-dotnetcore-debuginfo-1.1.12-1.el7.x86_64.rpm .NET Core on Red Hat Enterprise Linux Workstation (v. 7): Source: rh-dotnet21-2.1-8.el7.src.rpm rh-dotnet21-dotnet-2.1.505-1.el7.src.rpm x86_64: rh-dotnet21-2.1-8.el7.x86_64.rpm rh-dotnet21-dotnet-2.1.505-1.el7.x86_64.rpm rh-dotnet21-dotnet-debuginfo-2.1.505-1.el7.x86_64.rpm rh-dotnet21-dotnet-host-2.1.9-1.el7.x86_64.rpm rh-dotnet21-dotnet-runtime-2.1-2.1.9-1.el7.x86_64.rpm rh-dotnet21-dotnet-sdk-2.1-2.1.505-1.el7.x86_64.rpm rh-dotnet21-dotnet-sdk-2.1.5xx-2.1.505-1.el7.x86_64.rpm rh-dotnet21-runtime-2.1-8.el7.x86_64.rpm .NET Core on Red Hat Enterprise Linux Workstation (v. 7): Source: rh-dotnet22-2.2-4.el7.src.rpm rh-dotnet22-dotnet-2.2.105-1.el7.src.rpm x86_64: rh-dotnet22-2.2-4.el7.x86_64.rpm rh-dotnet22-dotnet-2.2.105-1.el7.x86_64.rpm rh-dotnet22-dotnet-debuginfo-2.2.105-1.el7.x86_64.rpm rh-dotnet22-dotnet-host-2.2.3-1.el7.x86_64.rpm rh-dotnet22-dotnet-host-fxr-2.2-2.2.3-1.el7.x86_64.rpm rh-dotnet22-dotnet-runtime-2.2-2.2.3-1.el7.x86_64.rpm rh-dotnet22-dotnet-sdk-2.2-2.2.105-1.el7.x86_64.rpm rh-dotnet22-dotnet-sdk-2.2.1xx-2.2.105-1.el7.x86_64.rpm rh-dotnet22-runtime-2.2-4.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2019-0757 https://access.redhat.com/security/updates/classification/#important https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0757 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2019 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBXIkN2NzjgjWX9erEAQifeg//caOX+S+Ysy634WnQ2WKfvAyI2DdmDwtN jsAXT/zd2ckQrk3Idz09zDrrX3bjCbGSALUEF8DNM9X0xs8LiFJj9fl7pQ8eDDuz csbAv7Th64q9m42KlL4+7s4HBzRRDpfp90JMr9zYWHqoDsYbHi/03wUJbM81txYt Ybu1oufw3DNzDoPiZ30x1HvNUa4ZHPrB2eV6gVc4kbTZDG08oDvBHCnS9IXbMPRC sfkGHU6E+kWS6bs2aHMbSNiw2MkKPgRbMXv10o8FRLbXVJ9swiEgBz0rmuirlxkM Zubf4mWUGnLIksPzTYrRrGpCbWduD5dR0Ar+DiLaSRmJQ7rzBTFdoBFWwaN+HoGu tGwrCe2Ve+Aj8WP3EBxHSmhEG9UT2KxmUSA++lqiw3wZBVHBZD9YX1aP0c8j7tCg ijhAzzfo1rbCRJkKdACAbxjih4jjHRzt6x3W/qmu3n+gIKXHGelGoKouyvbKb+8A eqQXoB/W/Dkcz/XHfcII7bDNxZLbT7HVV1fdFAQqGrMcwknVC5ld+N0dnE6tn45r LfDyuyO8Sd+7jDilvdEdWYyI6pbRuRNmcZ+gqu/xPyx5cFXYxQehdv1uIAo5vQP1 35JSu//LGlnoYeYhBoYrtW/forYD77yLKHnlP6/ugcN1JKS+CRAipuDW8nr34ySR FvFvp8/nSm4=KwTi -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce

Trust: 2.16

sources: NVD: CVE-2019-0757 // JVNDB: JVNDB-2019-002673 // BID: 107285 // VULMON: CVE-2019-0757 // PACKETSTORM: 152999 // PACKETSTORM: 152073

AFFECTED PRODUCTS

vendor:microsoftmodel:nugetscope:eqversion:4.9.4

Trust: 2.1

vendor:microsoftmodel:nugetscope:eqversion:4.8.2

Trust: 2.1

vendor:microsoftmodel:nugetscope:eqversion:4.7.2

Trust: 2.1

vendor:microsoftmodel:nugetscope:eqversion:4.6.3

Trust: 2.1

vendor:microsoftmodel:nugetscope:eqversion:4.5.2

Trust: 2.1

vendor:microsoftmodel:nugetscope:eqversion:4.4.2

Trust: 2.1

vendor:microsoftmodel:nugetscope:eqversion:4.3.1

Trust: 2.1

vendor:microsoftmodel:.net core sdkscope:eqversion:2.1.500

Trust: 2.1

vendor:microsoftmodel:.net core sdkscope:eqversion:1.1

Trust: 2.1

vendor:monomodel:frameworkscope:eqversion:5.18.0.223

Trust: 1.8

vendor:monomodel:frameworkscope:eqversion:5.20.0

Trust: 1.8

vendor:microsoftmodel:.net core sdkscope:eqversion:2.2.100

Trust: 1.8

vendor:redhatmodel:enterprise linuxscope:eqversion:8.0

Trust: 1.0

vendor:redhatmodel:enterprise linux server tusscope:eqversion:8.4

Trust: 1.0

vendor:redhatmodel:enterprise linux server ausscope:eqversion:8.2

Trust: 1.0

vendor:redhatmodel:enterprise linux eusscope:eqversion:8.4

Trust: 1.0

vendor:redhatmodel:enterprise linux server tusscope:eqversion:8.2

Trust: 1.0

vendor:redhatmodel:enterprise linux eusscope:eqversion:8.2

Trust: 1.0

vendor:redhatmodel:enterprise linux eusscope:eqversion:8.1

Trust: 1.0

vendor:microsoftmodel:visual studio 2017scope:eqversion: -

Trust: 1.0

vendor:redhatmodel:enterprise linux server ausscope:eqversion:8.4

Trust: 1.0

vendor:microsoftmodel:visual studioscope:eqversion:2017 for mac

Trust: 0.8

vendor:monomodel:monoscope:eqversion:5.20

Trust: 0.3

vendor:monomodel:monoscope:eqversion:5.18.0.223

Trust: 0.3

vendor:microsoftmodel:visual studio for macscope:eqversion:0

Trust: 0.3

vendor:microsoftmodel:.net corescope:eqversion:2.1

Trust: 0.3

vendor:microsoftmodel:.net corescope:eqversion:1.1

Trust: 0.3

vendor:microsoftmodel:.net corescope:eqversion:1.0

Trust: 0.3

vendor:microsoftmodel:.net core sdkscope:neversion:2.1.505

Trust: 0.3

vendor:microsoftmodel:.net core sdkscope:neversion:1.1.13

Trust: 0.3

vendor:microsoftmodel:.net corescope:neversion:2.1.9

Trust: 0.3

vendor:microsoftmodel:.net corescope:neversion:1.1.12

Trust: 0.3

vendor:microsoftmodel:.net corescope:neversion:1.0.15

Trust: 0.3

sources: BID: 107285 // JVNDB: JVNDB-2019-002673 // NVD: CVE-2019-0757

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-0757
value: MEDIUM

Trust: 1.0

NVD: CVE-2019-0757
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201903-445
value: MEDIUM

Trust: 0.6

VULMON: CVE-2019-0757
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2019-0757
severity: MEDIUM
baseScore: 4.0
vectorString: AV:N/AC:L/AU:S/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

nvd@nist.gov: CVE-2019-0757
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: 2.8
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2019-0757
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULMON: CVE-2019-0757 // JVNDB: JVNDB-2019-002673 // CNNVD: CNNVD-201903-445 // NVD: CVE-2019-0757

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:CWE-284

Trust: 0.8

sources: JVNDB: JVNDB-2019-002673 // NVD: CVE-2019-0757

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201903-445

TYPE

access control error

Trust: 0.6

sources: CNNVD: CNNVD-201903-445

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-002673

PATCH

title:Top Pageurl:https://www.mono-project.com/

Trust: 0.8

title:CVE-2019-0757 | NuGet Package Manager Tampering Vulnerabilityurl:https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0757

Trust: 0.8

title:CVE-2019-0757 | NuGet Package Manager の改ざんの脆弱性url:https://portal.msrc.microsoft.com/ja-jp/security-guidance/advisory/CVE-2019-0757

Trust: 0.8

title:Microsoft NuGet Package Manager Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=90061

Trust: 0.6

title:The Registerurl:https://www.theregister.co.uk/2019/03/12/march_patch_tuesday_dhcp/

Trust: 0.2

title:Red Hat: Important: .NET Core on Red Hat Enterprise Linux security update for March 2019url:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20190544 - Security Advisory

Trust: 0.1

title:Red Hat: Important: dotnet security, bug fix, and enhancement updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20191259 - Security Advisory

Trust: 0.1

title:Symantec Threat Intelligence Blogurl:https://www.symantec.com/blogs/threat-intelligence/microsoft-patch-tuesday-march-2019

Trust: 0.1

title:Threatposturl:https://threatpost.com/microsoft-patches-two-win32k-bugs-under-active-attack/142742/

Trust: 0.1

sources: VULMON: CVE-2019-0757 // JVNDB: JVNDB-2019-002673 // CNNVD: CNNVD-201903-445

EXTERNAL IDS

db:NVDid:CVE-2019-0757

Trust: 3.0

db:BIDid:107285

Trust: 1.0

db:JVNDBid:JVNDB-2019-002673

Trust: 0.8

db:PACKETSTORMid:152999

Trust: 0.7

db:NSFOCUSid:42934

Trust: 0.6

db:AUSCERTid:ESB-2019.0808

Trust: 0.6

db:AUSCERTid:ESB-2019.1839

Trust: 0.6

db:CNNVDid:CNNVD-201903-445

Trust: 0.6

db:VULMONid:CVE-2019-0757

Trust: 0.1

db:PACKETSTORMid:152073

Trust: 0.1

sources: VULMON: CVE-2019-0757 // BID: 107285 // JVNDB: JVNDB-2019-002673 // PACKETSTORM: 152999 // PACKETSTORM: 152073 // CNNVD: CNNVD-201903-445 // NVD: CVE-2019-0757

REFERENCES

url:https://access.redhat.com/errata/rhsa-2019:1259

Trust: 2.4

url:https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-0757

Trust: 2.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-0757

Trust: 1.6

url:http://www.securityfocus.com/bid/107285

Trust: 1.3

url:http://www.microsoft.com

Trust: 0.9

url:https://bugzilla.redhat.com/show_bug.cgi?id=1685475

Trust: 0.9

url:https://access.redhat.com/errata/rhsa-2019:0544

Trust: 0.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0757

Trust: 0.8

url:https://www.ipa.go.jp/security/ciadr/vul/20190313-ms.html

Trust: 0.8

url:http://www.jpcert.or.jp/at/2019/at190012.html

Trust: 0.8

url:https://access.redhat.com/security/cve/cve-2019-0757

Trust: 0.8

url:https://packetstormsecurity.com/files/152999/red-hat-security-advisory-2019-1259-01.html

Trust: 0.6

url:http://www.nsfocus.net/vulndb/42934

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2019.1839/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/77050

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2019-0757

Trust: 0.3

url:https://access.redhat.com/security/updates/classification/#important

Trust: 0.2

url:https://access.redhat.com/articles/11258

Trust: 0.2

url:https://access.redhat.com/security/team/contact/

Trust: 0.2

url:https://www.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.2

url:https://bugzilla.redhat.com/):

Trust: 0.2

url:https://access.redhat.com/security/team/key/

Trust: 0.2

url:https://cwe.mitre.org/data/definitions/.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://threatpost.com/microsoft-patches-two-win32k-bugs-under-active-attack/142742/

Trust: 0.1

url:https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/107285

Trust: 0.1

url:https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-0820

Trust: 0.1

url:https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-0980

Trust: 0.1

url:https://github.com/dotnet/core/blob/master/release-notes/2.1/2.1.11/2.1.11.md

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-0981

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-0980

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-0820

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-0981

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-0980

Trust: 0.1

url:https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-0981

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-0820

Trust: 0.1

sources: VULMON: CVE-2019-0757 // BID: 107285 // JVNDB: JVNDB-2019-002673 // PACKETSTORM: 152999 // PACKETSTORM: 152073 // CNNVD: CNNVD-201903-445 // NVD: CVE-2019-0757

CREDITS

Red Hat,The vendor reported this issue.

Trust: 0.6

sources: CNNVD: CNNVD-201903-445

SOURCES

db:VULMONid:CVE-2019-0757
db:BIDid:107285
db:JVNDBid:JVNDB-2019-002673
db:PACKETSTORMid:152999
db:PACKETSTORMid:152073
db:CNNVDid:CNNVD-201903-445
db:NVDid:CVE-2019-0757

LAST UPDATE DATE

2024-08-14T13:26:22.183000+00:00


SOURCES UPDATE DATE

db:VULMONid:CVE-2019-0757date:2021-09-08T00:00:00
db:BIDid:107285date:2019-03-13T09:00:00
db:JVNDBid:JVNDB-2019-002673date:2019-04-19T00:00:00
db:CNNVDid:CNNVD-201903-445date:2020-08-25T00:00:00
db:NVDid:CVE-2019-0757date:2022-04-11T20:36:04.833

SOURCES RELEASE DATE

db:VULMONid:CVE-2019-0757date:2019-04-09T00:00:00
db:BIDid:107285date:2019-03-12T00:00:00
db:JVNDBid:JVNDB-2019-002673date:2019-04-19T00:00:00
db:PACKETSTORMid:152999date:2019-05-22T14:39:27
db:PACKETSTORMid:152073date:2019-03-13T14:27:10
db:CNNVDid:CNNVD-201903-445date:2019-03-12T00:00:00
db:NVDid:CVE-2019-0757date:2019-04-09T02:29:00.600