VYPR
Moderate severityNVD Advisory· Published Mar 6, 2019· Updated Aug 4, 2024

CVE-2019-0657

CVE-2019-0657

Description

A vulnerability exists in certain .Net Framework API's and Visual Studio in the way they parse URL's, aka '.NET Framework and Visual Studio Spoofing Vulnerability'.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
Microsoft.NETCore.AppNuGet
>= 2.2.0, < 2.2.22.2.2
Microsoft.NETCore.AppNuGet
>= 2.1.0, < 2.1.82.1.8
System.Private.UriNuGet
>= 4.3.0, < 4.3.24.3.2

Affected products

18
  • ghsa-coords2 versions
    >= 2.2.0, < 2.2.2+ 1 more
    • (no CPE)range: >= 2.2.0, < 2.2.2
    • (no CPE)range: >= 4.3.0, < 4.3.2
  • Microsoft/.net Frameworkcpe-rescue12 versions
    Service Pack 2 on Windows Server 2008 for Itanium-Based Systems Service Pack 2+ 11 more
    • (no CPE)range: Service Pack 2 on Windows Server 2008 for Itanium-Based Systems Service Pack 2
    • (no CPE)range: Service Pack 2 on Windows Server 2008 for Itanium-Based Systems Service Pack 2
    • (no CPE)range: Windows Server 2012
    • (no CPE)range: Windows 7 for 32-bit Systems Service Pack 1
    • (no CPE)range: Windows 7 for 32-bit Systems Service Pack 1
    • (no CPE)range: Windows Server 2008 for 32-bit Systems Service Pack 2
    • (no CPE)range: Windows Server 2016
    • (no CPE)range: Windows 10 for 32-bit Systems
    • (no CPE)range: Windows 7 for 32-bit Systems Service Pack 1
    • (no CPE)range: Windows 10 Version 1709 for 32-bit Systems
    • (no CPE)range: Windows 10 Version 1803 for 32-bit Systems
    • (no CPE)range: Windows 10 Version 1703 for 32-bit Systems
  • Range: 2017
  • Microsoft/Microsoft Visual Studio 2017v5
    Range: version 15.9
  • Range: 1
  • Range: 6.1

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.