Moderate severityNVD Advisory· Published Mar 6, 2019· Updated Aug 4, 2024
CVE-2019-0657
CVE-2019-0657
Description
A vulnerability exists in certain .Net Framework API's and Visual Studio in the way they parse URL's, aka '.NET Framework and Visual Studio Spoofing Vulnerability'.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
Microsoft.NETCore.AppNuGet | >= 2.2.0, < 2.2.2 | 2.2.2 |
Microsoft.NETCore.AppNuGet | >= 2.1.0, < 2.1.8 | 2.1.8 |
System.Private.UriNuGet | >= 4.3.0, < 4.3.2 | 4.3.2 |
Affected products
18- ghsa-coords2 versions
>= 2.2.0, < 2.2.2+ 1 more
- (no CPE)range: >= 2.2.0, < 2.2.2
- (no CPE)range: >= 4.3.0, < 4.3.2
Service Pack 2 on Windows Server 2008 for Itanium-Based Systems Service Pack 2+ 11 more
- (no CPE)range: Service Pack 2 on Windows Server 2008 for Itanium-Based Systems Service Pack 2
- (no CPE)range: Service Pack 2 on Windows Server 2008 for Itanium-Based Systems Service Pack 2
- (no CPE)range: Windows Server 2012
- (no CPE)range: Windows 7 for 32-bit Systems Service Pack 1
- (no CPE)range: Windows 7 for 32-bit Systems Service Pack 1
- (no CPE)range: Windows Server 2008 for 32-bit Systems Service Pack 2
- (no CPE)range: Windows Server 2016
- (no CPE)range: Windows 10 for 32-bit Systems
- (no CPE)range: Windows 7 for 32-bit Systems Service Pack 1
- (no CPE)range: Windows 10 Version 1709 for 32-bit Systems
- (no CPE)range: Windows 10 Version 1803 for 32-bit Systems
- (no CPE)range: Windows 10 Version 1703 for 32-bit Systems
- Range: 2017
- Microsoft/Microsoft Visual Studio 2017v5Range: version 15.9
- Range: 1
- Range: 6.1
Patches
Vulnerability mechanics
References
7- access.redhat.com/errata/RHSA-2019:0349ghsavendor-advisoryx_refsource_REDHATWEB
- github.com/advisories/GHSA-x5qj-9vmx-7g6gghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2019-0657ghsaADVISORY
- www.securityfocus.com/bid/106890ghsavdb-entryx_refsource_BIDWEB
- github.com/dotnet/announcements/issues/97ghsaWEB
- github.com/github/advisory-database/issues/302ghsaWEB
- portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0657ghsax_refsource_CONFIRMWEB
News mentions
0No linked articles in our index yet.