cvelistv5 - CVE-2019-0657

URL	Tags
secure@microsoft.com	http://www.securityfocus.com/bid/106890	Third Party Advisory, VDB Entry
secure@microsoft.com	https://access.redhat.com/errata/RHSA-2019:0349	Third Party Advisory
secure@microsoft.com	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0657	Patch, Vendor Advisory

▼	Vendor	Product
	Microsoft	Microsoft .NET Framework 4.5.2
	Microsoft	Microsoft .NET Framework 4.6
	Microsoft	.NET Core
	Microsoft	Microsoft Visual Studio
	Microsoft	Microsoft .NET Framework 4.7.2
	Microsoft	Microsoft .NET Framework 4.6/4.6.1/4.6.2
	Microsoft	Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2
	Microsoft	Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2
	Microsoft	Microsoft .NET Framework 4.7/4.7.1/4.7.2
	Microsoft	Microsoft .NET Framework 4.7.1/4.7.2
	Microsoft	PowerShell Core
	Microsoft	Microsoft Visual Studio 2017
	Microsoft	Microsoft .NET Framework 3.5
	Microsoft	Microsoft .NET Framework 3.0
	Microsoft	Microsoft .NET Framework 2.0
	Microsoft	Microsoft .NET Framework 3.5.1

rhsa-2019_0349

Vulnerability from csaf_redhat

Published

2019-02-14 10:36

Modified

2024-11-05 20:57

Summary

Red Hat Security Advisory: .NET Core on Red Hat Enterprise Linux security update for February 2019

Notes

Topic

Updates for rh-dotnetcore10-dotnetcore, rh-dotnetcore11-dotnetcore, rh-dotnet21-dotnet, and rh-dotnet22-dotnet are now available for .NET Core on Red Hat Enterprise Linux. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details

.NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET Core that address security vulnerabilities are now available. The updated versions are .NET Core 1.0.14, 1.1.11, 2.1.8, and 2.2.2. Security Fix(es): * .dotnet: Domain-spoofing attack in System.Uri (CVE-2019-0657) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. For more information, please refer to the upstream doc in the References section.

Terms of Use

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updates for rh-dotnetcore10-dotnetcore, rh-dotnetcore11-dotnetcore, rh-dotnet21-dotnet, and rh-dotnet22-dotnet are now available for\n.NET Core on Red Hat Enterprise Linux.\n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": ".NET Core is a managed-software framework. It implements a subset of the\n.NET framework APIs and several new APIs, and it includes a CLR\nimplementation.\n\nNew versions of .NET Core that address security vulnerabilities are now\navailable. The updated versions are .NET Core 1.0.14, 1.1.11, 2.1.8, and 2.2.2.\n\nSecurity Fix(es):\n\n* .dotnet: Domain-spoofing attack in System.Uri (CVE-2019-0657)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, and other related information, refer to the CVE page(s) listed in\nthe References section.\n\nFor more information, please refer to the upstream doc in the References\nsection.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2019:0349",
        "url": "https://access.redhat.com/errata/RHSA-2019:0349"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0657",
        "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0657"
      },
      {
        "category": "external",
        "summary": "1673891",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1673891"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_0349.json"
      }
    ],
    "title": "Red Hat Security Advisory: .NET Core on Red Hat Enterprise Linux security update for February 2019",
    "tracking": {
      "current_release_date": "2024-11-05T20:57:56+00:00",
      "generator": {
        "date": "2024-11-05T20:57:56+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.1.1"
        }
      },
      "id": "RHSA-2019:0349",
      "initial_release_date": "2019-02-14T10:36:08+00:00",
      "revision_history": [
        {
          "date": "2019-02-14T10:36:08+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2019-02-14T10:36:08+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-05T20:57:56+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": ".NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
                "product": {
                  "name": ".NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
                  "product_id": "7ComputeNode-dotNET-1.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_dotnet:1.0::el7"
                  }
                }
              },
              {
                "category": "product_name",
                "name": ".NET Core on Red Hat Enterprise Linux Server (v. 7)",
                "product": {
                  "name": ".NET Core on Red Hat Enterprise Linux Server (v. 7)",
                  "product_id": "7Server-dotNET-1.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_dotnet:1.0::el7"
                  }
                }
              },
              {
                "category": "product_name",
                "name": ".NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
                "product": {
                  "name": ".NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
                  "product_id": "7Workstation-dotNET-1.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_dotnet:1.0::el7"
                  }
                }
              },
              {
                "category": "product_name",
                "name": ".NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
                "product": {
                  "name": ".NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
                  "product_id": "7ComputeNode-dotNET-2.1",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_dotnet:2.1::el7"
                  }
                }
              },
              {
                "category": "product_name",
                "name": ".NET Core on Red Hat Enterprise Linux Server (v. 7)",
                "product": {
                  "name": ".NET Core on Red Hat Enterprise Linux Server (v. 7)",
                  "product_id": "7Server-dotNET-2.1",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_dotnet:2.1::el7"
                  }
                }
              },
              {
                "category": "product_name",
                "name": ".NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
                "product": {
                  "name": ".NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
                  "product_id": "7Workstation-dotNET-2.1",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_dotnet:2.1::el7"
                  }
                }
              },
              {
                "category": "product_name",
                "name": ".NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
                "product": {
                  "name": ".NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
                  "product_id": "7ComputeNode-dotNET-2.2",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_dotnet:2.2::el7"
                  }
                }
              },
              {
                "category": "product_name",
                "name": ".NET Core on Red Hat Enterprise Linux Server (v. 7)",
                "product": {
                  "name": ".NET Core on Red Hat Enterprise Linux Server (v. 7)",
                  "product_id": "7Server-dotNET-2.2",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_dotnet:2.2::el7"
                  }
                }
              },
              {
                "category": "product_name",
                "name": ".NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
                "product": {
                  "name": ".NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
                  "product_id": "7Workstation-dotNET-2.2",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_dotnet:2.2::el7"
                  }
                }
              },
              {
                "category": "product_name",
                "name": ".NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
                "product": {
                  "name": ".NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
                  "product_id": "7ComputeNode-dotNET-1.1",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_dotnet:1.1::el7"
                  }
                }
              },
              {
                "category": "product_name",
                "name": ".NET Core on Red Hat Enterprise Linux Server (v. 7)",
                "product": {
                  "name": ".NET Core on Red Hat Enterprise Linux Server (v. 7)",
                  "product_id": "7Server-dotNET-1.1",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_dotnet:1.1::el7"
                  }
                }
              },
              {
                "category": "product_name",
                "name": ".NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
                "product": {
                  "name": ".NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
                  "product_id": "7Workstation-dotNET-1.1",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_dotnet:1.1::el7"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": ".NET Core on Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "rh-dotnetcore10-dotnetcore-debuginfo-0:1.0.14-1.el7.x86_64",
                "product": {
                  "name": "rh-dotnetcore10-dotnetcore-debuginfo-0:1.0.14-1.el7.x86_64",
                  "product_id": "rh-dotnetcore10-dotnetcore-debuginfo-0:1.0.14-1.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-dotnetcore10-dotnetcore-debuginfo@1.0.14-1.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-dotnetcore10-dotnetcore-0:1.0.14-1.el7.x86_64",
                "product": {
                  "name": "rh-dotnetcore10-dotnetcore-0:1.0.14-1.el7.x86_64",
                  "product_id": "rh-dotnetcore10-dotnetcore-0:1.0.14-1.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-dotnetcore10-dotnetcore@1.0.14-1.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-dotnet21-runtime-0:2.1-7.el7.x86_64",
                "product": {
                  "name": "rh-dotnet21-runtime-0:2.1-7.el7.x86_64",
                  "product_id": "rh-dotnet21-runtime-0:2.1-7.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-dotnet21-runtime@2.1-7.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-dotnet21-0:2.1-7.el7.x86_64",
                "product": {
                  "name": "rh-dotnet21-0:2.1-7.el7.x86_64",
                  "product_id": "rh-dotnet21-0:2.1-7.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-dotnet21@2.1-7.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-dotnet21-dotnet-sdk-2.1.5xx-0:2.1.504-1.el7.x86_64",
                "product": {
                  "name": "rh-dotnet21-dotnet-sdk-2.1.5xx-0:2.1.504-1.el7.x86_64",
                  "product_id": "rh-dotnet21-dotnet-sdk-2.1.5xx-0:2.1.504-1.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-dotnet21-dotnet-sdk-2.1.5xx@2.1.504-1.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-dotnet21-dotnet-debuginfo-0:2.1.504-1.el7.x86_64",
                "product": {
                  "name": "rh-dotnet21-dotnet-debuginfo-0:2.1.504-1.el7.x86_64",
                  "product_id": "rh-dotnet21-dotnet-debuginfo-0:2.1.504-1.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-dotnet21-dotnet-debuginfo@2.1.504-1.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-dotnet21-dotnet-host-0:2.1.8-1.el7.x86_64",
                "product": {
                  "name": "rh-dotnet21-dotnet-host-0:2.1.8-1.el7.x86_64",
                  "product_id": "rh-dotnet21-dotnet-host-0:2.1.8-1.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-dotnet21-dotnet-host@2.1.8-1.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-dotnet21-dotnet-0:2.1.504-1.el7.x86_64",
                "product": {
                  "name": "rh-dotnet21-dotnet-0:2.1.504-1.el7.x86_64",
                  "product_id": "rh-dotnet21-dotnet-0:2.1.504-1.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-dotnet21-dotnet@2.1.504-1.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-dotnet21-dotnet-sdk-2.1-0:2.1.504-1.el7.x86_64",
                "product": {
                  "name": "rh-dotnet21-dotnet-sdk-2.1-0:2.1.504-1.el7.x86_64",
                  "product_id": "rh-dotnet21-dotnet-sdk-2.1-0:2.1.504-1.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-dotnet21-dotnet-sdk-2.1@2.1.504-1.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-dotnet21-dotnet-runtime-2.1-0:2.1.8-1.el7.x86_64",
                "product": {
                  "name": "rh-dotnet21-dotnet-runtime-2.1-0:2.1.8-1.el7.x86_64",
                  "product_id": "rh-dotnet21-dotnet-runtime-2.1-0:2.1.8-1.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-dotnet21-dotnet-runtime-2.1@2.1.8-1.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-dotnet22-runtime-0:2.2-3.el7.x86_64",
                "product": {
                  "name": "rh-dotnet22-runtime-0:2.2-3.el7.x86_64",
                  "product_id": "rh-dotnet22-runtime-0:2.2-3.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-dotnet22-runtime@2.2-3.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-dotnet22-0:2.2-3.el7.x86_64",
                "product": {
                  "name": "rh-dotnet22-0:2.2-3.el7.x86_64",
                  "product_id": "rh-dotnet22-0:2.2-3.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-dotnet22@2.2-3.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-dotnet22-dotnet-sdk-2.2-0:2.2.104-2.el7.x86_64",
                "product": {
                  "name": "rh-dotnet22-dotnet-sdk-2.2-0:2.2.104-2.el7.x86_64",
                  "product_id": "rh-dotnet22-dotnet-sdk-2.2-0:2.2.104-2.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-dotnet22-dotnet-sdk-2.2@2.2.104-2.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-dotnet22-dotnet-runtime-2.2-0:2.2.2-2.el7.x86_64",
                "product": {
                  "name": "rh-dotnet22-dotnet-runtime-2.2-0:2.2.2-2.el7.x86_64",
                  "product_id": "rh-dotnet22-dotnet-runtime-2.2-0:2.2.2-2.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-dotnet22-dotnet-runtime-2.2@2.2.2-2.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-dotnet22-dotnet-host-fxr-2.2-0:2.2.2-2.el7.x86_64",
                "product": {
                  "name": "rh-dotnet22-dotnet-host-fxr-2.2-0:2.2.2-2.el7.x86_64",
                  "product_id": "rh-dotnet22-dotnet-host-fxr-2.2-0:2.2.2-2.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-dotnet22-dotnet-host-fxr-2.2@2.2.2-2.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-dotnet22-dotnet-0:2.2.104-2.el7.x86_64",
                "product": {
                  "name": "rh-dotnet22-dotnet-0:2.2.104-2.el7.x86_64",
                  "product_id": "rh-dotnet22-dotnet-0:2.2.104-2.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-dotnet22-dotnet@2.2.104-2.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-dotnet22-dotnet-host-0:2.2.2-2.el7.x86_64",
                "product": {
                  "name": "rh-dotnet22-dotnet-host-0:2.2.2-2.el7.x86_64",
                  "product_id": "rh-dotnet22-dotnet-host-0:2.2.2-2.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-dotnet22-dotnet-host@2.2.2-2.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-dotnet22-dotnet-sdk-2.2.1xx-0:2.2.104-2.el7.x86_64",
                "product": {
                  "name": "rh-dotnet22-dotnet-sdk-2.2.1xx-0:2.2.104-2.el7.x86_64",
                  "product_id": "rh-dotnet22-dotnet-sdk-2.2.1xx-0:2.2.104-2.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-dotnet22-dotnet-sdk-2.2.1xx@2.2.104-2.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-dotnet22-dotnet-debuginfo-0:2.2.104-2.el7.x86_64",
                "product": {
                  "name": "rh-dotnet22-dotnet-debuginfo-0:2.2.104-2.el7.x86_64",
                  "product_id": "rh-dotnet22-dotnet-debuginfo-0:2.2.104-2.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-dotnet22-dotnet-debuginfo@2.2.104-2.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-dotnetcore11-dotnetcore-0:1.1.11-2.el7.x86_64",
                "product": {
                  "name": "rh-dotnetcore11-dotnetcore-0:1.1.11-2.el7.x86_64",
                  "product_id": "rh-dotnetcore11-dotnetcore-0:1.1.11-2.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-dotnetcore11-dotnetcore@1.1.11-2.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-dotnetcore11-dotnetcore-debuginfo-0:1.1.11-2.el7.x86_64",
                "product": {
                  "name": "rh-dotnetcore11-dotnetcore-debuginfo-0:1.1.11-2.el7.x86_64",
                  "product_id": "rh-dotnetcore11-dotnetcore-debuginfo-0:1.1.11-2.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-dotnetcore11-dotnetcore-debuginfo@1.1.11-2.el7?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "rh-dotnetcore10-dotnetcore-0:1.0.14-1.el7.src",
                "product": {
                  "name": "rh-dotnetcore10-dotnetcore-0:1.0.14-1.el7.src",
                  "product_id": "rh-dotnetcore10-dotnetcore-0:1.0.14-1.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-dotnetcore10-dotnetcore@1.0.14-1.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-dotnet21-0:2.1-7.el7.src",
                "product": {
                  "name": "rh-dotnet21-0:2.1-7.el7.src",
                  "product_id": "rh-dotnet21-0:2.1-7.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-dotnet21@2.1-7.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-dotnet21-dotnet-0:2.1.504-1.el7.src",
                "product": {
                  "name": "rh-dotnet21-dotnet-0:2.1.504-1.el7.src",
                  "product_id": "rh-dotnet21-dotnet-0:2.1.504-1.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-dotnet21-dotnet@2.1.504-1.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-dotnet22-0:2.2-3.el7.src",
                "product": {
                  "name": "rh-dotnet22-0:2.2-3.el7.src",
                  "product_id": "rh-dotnet22-0:2.2-3.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-dotnet22@2.2-3.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-dotnet22-dotnet-0:2.2.104-2.el7.src",
                "product": {
                  "name": "rh-dotnet22-dotnet-0:2.2.104-2.el7.src",
                  "product_id": "rh-dotnet22-dotnet-0:2.2.104-2.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-dotnet22-dotnet@2.2.104-2.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rh-dotnetcore11-dotnetcore-0:1.1.11-2.el7.src",
                "product": {
                  "name": "rh-dotnetcore11-dotnetcore-0:1.1.11-2.el7.src",
                  "product_id": "rh-dotnetcore11-dotnetcore-0:1.1.11-2.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rh-dotnetcore11-dotnetcore@1.1.11-2.el7?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnetcore10-dotnetcore-0:1.0.14-1.el7.src as a component of .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
          "product_id": "7ComputeNode-dotNET-1.0:rh-dotnetcore10-dotnetcore-0:1.0.14-1.el7.src"
        },
        "product_reference": "rh-dotnetcore10-dotnetcore-0:1.0.14-1.el7.src",
        "relates_to_product_reference": "7ComputeNode-dotNET-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnetcore10-dotnetcore-0:1.0.14-1.el7.x86_64 as a component of .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
          "product_id": "7ComputeNode-dotNET-1.0:rh-dotnetcore10-dotnetcore-0:1.0.14-1.el7.x86_64"
        },
        "product_reference": "rh-dotnetcore10-dotnetcore-0:1.0.14-1.el7.x86_64",
        "relates_to_product_reference": "7ComputeNode-dotNET-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnetcore10-dotnetcore-debuginfo-0:1.0.14-1.el7.x86_64 as a component of .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
          "product_id": "7ComputeNode-dotNET-1.0:rh-dotnetcore10-dotnetcore-debuginfo-0:1.0.14-1.el7.x86_64"
        },
        "product_reference": "rh-dotnetcore10-dotnetcore-debuginfo-0:1.0.14-1.el7.x86_64",
        "relates_to_product_reference": "7ComputeNode-dotNET-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnetcore11-dotnetcore-0:1.1.11-2.el7.src as a component of .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
          "product_id": "7ComputeNode-dotNET-1.1:rh-dotnetcore11-dotnetcore-0:1.1.11-2.el7.src"
        },
        "product_reference": "rh-dotnetcore11-dotnetcore-0:1.1.11-2.el7.src",
        "relates_to_product_reference": "7ComputeNode-dotNET-1.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnetcore11-dotnetcore-0:1.1.11-2.el7.x86_64 as a component of .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
          "product_id": "7ComputeNode-dotNET-1.1:rh-dotnetcore11-dotnetcore-0:1.1.11-2.el7.x86_64"
        },
        "product_reference": "rh-dotnetcore11-dotnetcore-0:1.1.11-2.el7.x86_64",
        "relates_to_product_reference": "7ComputeNode-dotNET-1.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnetcore11-dotnetcore-debuginfo-0:1.1.11-2.el7.x86_64 as a component of .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
          "product_id": "7ComputeNode-dotNET-1.1:rh-dotnetcore11-dotnetcore-debuginfo-0:1.1.11-2.el7.x86_64"
        },
        "product_reference": "rh-dotnetcore11-dotnetcore-debuginfo-0:1.1.11-2.el7.x86_64",
        "relates_to_product_reference": "7ComputeNode-dotNET-1.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnet21-0:2.1-7.el7.src as a component of .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
          "product_id": "7ComputeNode-dotNET-2.1:rh-dotnet21-0:2.1-7.el7.src"
        },
        "product_reference": "rh-dotnet21-0:2.1-7.el7.src",
        "relates_to_product_reference": "7ComputeNode-dotNET-2.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnet21-0:2.1-7.el7.x86_64 as a component of .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
          "product_id": "7ComputeNode-dotNET-2.1:rh-dotnet21-0:2.1-7.el7.x86_64"
        },
        "product_reference": "rh-dotnet21-0:2.1-7.el7.x86_64",
        "relates_to_product_reference": "7ComputeNode-dotNET-2.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnet21-dotnet-0:2.1.504-1.el7.src as a component of .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
          "product_id": "7ComputeNode-dotNET-2.1:rh-dotnet21-dotnet-0:2.1.504-1.el7.src"
        },
        "product_reference": "rh-dotnet21-dotnet-0:2.1.504-1.el7.src",
        "relates_to_product_reference": "7ComputeNode-dotNET-2.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnet21-dotnet-0:2.1.504-1.el7.x86_64 as a component of .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
          "product_id": "7ComputeNode-dotNET-2.1:rh-dotnet21-dotnet-0:2.1.504-1.el7.x86_64"
        },
        "product_reference": "rh-dotnet21-dotnet-0:2.1.504-1.el7.x86_64",
        "relates_to_product_reference": "7ComputeNode-dotNET-2.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnet21-dotnet-debuginfo-0:2.1.504-1.el7.x86_64 as a component of .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
          "product_id": "7ComputeNode-dotNET-2.1:rh-dotnet21-dotnet-debuginfo-0:2.1.504-1.el7.x86_64"
        },
        "product_reference": "rh-dotnet21-dotnet-debuginfo-0:2.1.504-1.el7.x86_64",
        "relates_to_product_reference": "7ComputeNode-dotNET-2.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnet21-dotnet-host-0:2.1.8-1.el7.x86_64 as a component of .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
          "product_id": "7ComputeNode-dotNET-2.1:rh-dotnet21-dotnet-host-0:2.1.8-1.el7.x86_64"
        },
        "product_reference": "rh-dotnet21-dotnet-host-0:2.1.8-1.el7.x86_64",
        "relates_to_product_reference": "7ComputeNode-dotNET-2.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnet21-dotnet-runtime-2.1-0:2.1.8-1.el7.x86_64 as a component of .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
          "product_id": "7ComputeNode-dotNET-2.1:rh-dotnet21-dotnet-runtime-2.1-0:2.1.8-1.el7.x86_64"
        },
        "product_reference": "rh-dotnet21-dotnet-runtime-2.1-0:2.1.8-1.el7.x86_64",
        "relates_to_product_reference": "7ComputeNode-dotNET-2.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnet21-dotnet-sdk-2.1-0:2.1.504-1.el7.x86_64 as a component of .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
          "product_id": "7ComputeNode-dotNET-2.1:rh-dotnet21-dotnet-sdk-2.1-0:2.1.504-1.el7.x86_64"
        },
        "product_reference": "rh-dotnet21-dotnet-sdk-2.1-0:2.1.504-1.el7.x86_64",
        "relates_to_product_reference": "7ComputeNode-dotNET-2.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnet21-dotnet-sdk-2.1.5xx-0:2.1.504-1.el7.x86_64 as a component of .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
          "product_id": "7ComputeNode-dotNET-2.1:rh-dotnet21-dotnet-sdk-2.1.5xx-0:2.1.504-1.el7.x86_64"
        },
        "product_reference": "rh-dotnet21-dotnet-sdk-2.1.5xx-0:2.1.504-1.el7.x86_64",
        "relates_to_product_reference": "7ComputeNode-dotNET-2.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnet21-runtime-0:2.1-7.el7.x86_64 as a component of .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
          "product_id": "7ComputeNode-dotNET-2.1:rh-dotnet21-runtime-0:2.1-7.el7.x86_64"
        },
        "product_reference": "rh-dotnet21-runtime-0:2.1-7.el7.x86_64",
        "relates_to_product_reference": "7ComputeNode-dotNET-2.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnet22-0:2.2-3.el7.src as a component of .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
          "product_id": "7ComputeNode-dotNET-2.2:rh-dotnet22-0:2.2-3.el7.src"
        },
        "product_reference": "rh-dotnet22-0:2.2-3.el7.src",
        "relates_to_product_reference": "7ComputeNode-dotNET-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnet22-0:2.2-3.el7.x86_64 as a component of .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
          "product_id": "7ComputeNode-dotNET-2.2:rh-dotnet22-0:2.2-3.el7.x86_64"
        },
        "product_reference": "rh-dotnet22-0:2.2-3.el7.x86_64",
        "relates_to_product_reference": "7ComputeNode-dotNET-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnet22-dotnet-0:2.2.104-2.el7.src as a component of .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
          "product_id": "7ComputeNode-dotNET-2.2:rh-dotnet22-dotnet-0:2.2.104-2.el7.src"
        },
        "product_reference": "rh-dotnet22-dotnet-0:2.2.104-2.el7.src",
        "relates_to_product_reference": "7ComputeNode-dotNET-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnet22-dotnet-0:2.2.104-2.el7.x86_64 as a component of .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
          "product_id": "7ComputeNode-dotNET-2.2:rh-dotnet22-dotnet-0:2.2.104-2.el7.x86_64"
        },
        "product_reference": "rh-dotnet22-dotnet-0:2.2.104-2.el7.x86_64",
        "relates_to_product_reference": "7ComputeNode-dotNET-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnet22-dotnet-debuginfo-0:2.2.104-2.el7.x86_64 as a component of .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
          "product_id": "7ComputeNode-dotNET-2.2:rh-dotnet22-dotnet-debuginfo-0:2.2.104-2.el7.x86_64"
        },
        "product_reference": "rh-dotnet22-dotnet-debuginfo-0:2.2.104-2.el7.x86_64",
        "relates_to_product_reference": "7ComputeNode-dotNET-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnet22-dotnet-host-0:2.2.2-2.el7.x86_64 as a component of .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
          "product_id": "7ComputeNode-dotNET-2.2:rh-dotnet22-dotnet-host-0:2.2.2-2.el7.x86_64"
        },
        "product_reference": "rh-dotnet22-dotnet-host-0:2.2.2-2.el7.x86_64",
        "relates_to_product_reference": "7ComputeNode-dotNET-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnet22-dotnet-host-fxr-2.2-0:2.2.2-2.el7.x86_64 as a component of .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
          "product_id": "7ComputeNode-dotNET-2.2:rh-dotnet22-dotnet-host-fxr-2.2-0:2.2.2-2.el7.x86_64"
        },
        "product_reference": "rh-dotnet22-dotnet-host-fxr-2.2-0:2.2.2-2.el7.x86_64",
        "relates_to_product_reference": "7ComputeNode-dotNET-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnet22-dotnet-runtime-2.2-0:2.2.2-2.el7.x86_64 as a component of .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
          "product_id": "7ComputeNode-dotNET-2.2:rh-dotnet22-dotnet-runtime-2.2-0:2.2.2-2.el7.x86_64"
        },
        "product_reference": "rh-dotnet22-dotnet-runtime-2.2-0:2.2.2-2.el7.x86_64",
        "relates_to_product_reference": "7ComputeNode-dotNET-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnet22-dotnet-sdk-2.2-0:2.2.104-2.el7.x86_64 as a component of .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
          "product_id": "7ComputeNode-dotNET-2.2:rh-dotnet22-dotnet-sdk-2.2-0:2.2.104-2.el7.x86_64"
        },
        "product_reference": "rh-dotnet22-dotnet-sdk-2.2-0:2.2.104-2.el7.x86_64",
        "relates_to_product_reference": "7ComputeNode-dotNET-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnet22-dotnet-sdk-2.2.1xx-0:2.2.104-2.el7.x86_64 as a component of .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
          "product_id": "7ComputeNode-dotNET-2.2:rh-dotnet22-dotnet-sdk-2.2.1xx-0:2.2.104-2.el7.x86_64"
        },
        "product_reference": "rh-dotnet22-dotnet-sdk-2.2.1xx-0:2.2.104-2.el7.x86_64",
        "relates_to_product_reference": "7ComputeNode-dotNET-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnet22-runtime-0:2.2-3.el7.x86_64 as a component of .NET Core on Red Hat Enterprise Linux ComputeNode (v. 7)",
          "product_id": "7ComputeNode-dotNET-2.2:rh-dotnet22-runtime-0:2.2-3.el7.x86_64"
        },
        "product_reference": "rh-dotnet22-runtime-0:2.2-3.el7.x86_64",
        "relates_to_product_reference": "7ComputeNode-dotNET-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnetcore10-dotnetcore-0:1.0.14-1.el7.src as a component of .NET Core on Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-dotNET-1.0:rh-dotnetcore10-dotnetcore-0:1.0.14-1.el7.src"
        },
        "product_reference": "rh-dotnetcore10-dotnetcore-0:1.0.14-1.el7.src",
        "relates_to_product_reference": "7Server-dotNET-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnetcore10-dotnetcore-0:1.0.14-1.el7.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-dotNET-1.0:rh-dotnetcore10-dotnetcore-0:1.0.14-1.el7.x86_64"
        },
        "product_reference": "rh-dotnetcore10-dotnetcore-0:1.0.14-1.el7.x86_64",
        "relates_to_product_reference": "7Server-dotNET-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnetcore10-dotnetcore-debuginfo-0:1.0.14-1.el7.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-dotNET-1.0:rh-dotnetcore10-dotnetcore-debuginfo-0:1.0.14-1.el7.x86_64"
        },
        "product_reference": "rh-dotnetcore10-dotnetcore-debuginfo-0:1.0.14-1.el7.x86_64",
        "relates_to_product_reference": "7Server-dotNET-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnetcore11-dotnetcore-0:1.1.11-2.el7.src as a component of .NET Core on Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-dotNET-1.1:rh-dotnetcore11-dotnetcore-0:1.1.11-2.el7.src"
        },
        "product_reference": "rh-dotnetcore11-dotnetcore-0:1.1.11-2.el7.src",
        "relates_to_product_reference": "7Server-dotNET-1.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnetcore11-dotnetcore-0:1.1.11-2.el7.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-dotNET-1.1:rh-dotnetcore11-dotnetcore-0:1.1.11-2.el7.x86_64"
        },
        "product_reference": "rh-dotnetcore11-dotnetcore-0:1.1.11-2.el7.x86_64",
        "relates_to_product_reference": "7Server-dotNET-1.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnetcore11-dotnetcore-debuginfo-0:1.1.11-2.el7.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-dotNET-1.1:rh-dotnetcore11-dotnetcore-debuginfo-0:1.1.11-2.el7.x86_64"
        },
        "product_reference": "rh-dotnetcore11-dotnetcore-debuginfo-0:1.1.11-2.el7.x86_64",
        "relates_to_product_reference": "7Server-dotNET-1.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnet21-0:2.1-7.el7.src as a component of .NET Core on Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-dotNET-2.1:rh-dotnet21-0:2.1-7.el7.src"
        },
        "product_reference": "rh-dotnet21-0:2.1-7.el7.src",
        "relates_to_product_reference": "7Server-dotNET-2.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnet21-0:2.1-7.el7.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-dotNET-2.1:rh-dotnet21-0:2.1-7.el7.x86_64"
        },
        "product_reference": "rh-dotnet21-0:2.1-7.el7.x86_64",
        "relates_to_product_reference": "7Server-dotNET-2.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnet21-dotnet-0:2.1.504-1.el7.src as a component of .NET Core on Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-dotNET-2.1:rh-dotnet21-dotnet-0:2.1.504-1.el7.src"
        },
        "product_reference": "rh-dotnet21-dotnet-0:2.1.504-1.el7.src",
        "relates_to_product_reference": "7Server-dotNET-2.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnet21-dotnet-0:2.1.504-1.el7.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-dotNET-2.1:rh-dotnet21-dotnet-0:2.1.504-1.el7.x86_64"
        },
        "product_reference": "rh-dotnet21-dotnet-0:2.1.504-1.el7.x86_64",
        "relates_to_product_reference": "7Server-dotNET-2.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnet21-dotnet-debuginfo-0:2.1.504-1.el7.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-dotNET-2.1:rh-dotnet21-dotnet-debuginfo-0:2.1.504-1.el7.x86_64"
        },
        "product_reference": "rh-dotnet21-dotnet-debuginfo-0:2.1.504-1.el7.x86_64",
        "relates_to_product_reference": "7Server-dotNET-2.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnet21-dotnet-host-0:2.1.8-1.el7.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-dotNET-2.1:rh-dotnet21-dotnet-host-0:2.1.8-1.el7.x86_64"
        },
        "product_reference": "rh-dotnet21-dotnet-host-0:2.1.8-1.el7.x86_64",
        "relates_to_product_reference": "7Server-dotNET-2.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnet21-dotnet-runtime-2.1-0:2.1.8-1.el7.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-dotNET-2.1:rh-dotnet21-dotnet-runtime-2.1-0:2.1.8-1.el7.x86_64"
        },
        "product_reference": "rh-dotnet21-dotnet-runtime-2.1-0:2.1.8-1.el7.x86_64",
        "relates_to_product_reference": "7Server-dotNET-2.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnet21-dotnet-sdk-2.1-0:2.1.504-1.el7.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-dotNET-2.1:rh-dotnet21-dotnet-sdk-2.1-0:2.1.504-1.el7.x86_64"
        },
        "product_reference": "rh-dotnet21-dotnet-sdk-2.1-0:2.1.504-1.el7.x86_64",
        "relates_to_product_reference": "7Server-dotNET-2.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnet21-dotnet-sdk-2.1.5xx-0:2.1.504-1.el7.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-dotNET-2.1:rh-dotnet21-dotnet-sdk-2.1.5xx-0:2.1.504-1.el7.x86_64"
        },
        "product_reference": "rh-dotnet21-dotnet-sdk-2.1.5xx-0:2.1.504-1.el7.x86_64",
        "relates_to_product_reference": "7Server-dotNET-2.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnet21-runtime-0:2.1-7.el7.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-dotNET-2.1:rh-dotnet21-runtime-0:2.1-7.el7.x86_64"
        },
        "product_reference": "rh-dotnet21-runtime-0:2.1-7.el7.x86_64",
        "relates_to_product_reference": "7Server-dotNET-2.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnet22-0:2.2-3.el7.src as a component of .NET Core on Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-dotNET-2.2:rh-dotnet22-0:2.2-3.el7.src"
        },
        "product_reference": "rh-dotnet22-0:2.2-3.el7.src",
        "relates_to_product_reference": "7Server-dotNET-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnet22-0:2.2-3.el7.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-dotNET-2.2:rh-dotnet22-0:2.2-3.el7.x86_64"
        },
        "product_reference": "rh-dotnet22-0:2.2-3.el7.x86_64",
        "relates_to_product_reference": "7Server-dotNET-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnet22-dotnet-0:2.2.104-2.el7.src as a component of .NET Core on Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-dotNET-2.2:rh-dotnet22-dotnet-0:2.2.104-2.el7.src"
        },
        "product_reference": "rh-dotnet22-dotnet-0:2.2.104-2.el7.src",
        "relates_to_product_reference": "7Server-dotNET-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnet22-dotnet-0:2.2.104-2.el7.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-dotNET-2.2:rh-dotnet22-dotnet-0:2.2.104-2.el7.x86_64"
        },
        "product_reference": "rh-dotnet22-dotnet-0:2.2.104-2.el7.x86_64",
        "relates_to_product_reference": "7Server-dotNET-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnet22-dotnet-debuginfo-0:2.2.104-2.el7.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-dotNET-2.2:rh-dotnet22-dotnet-debuginfo-0:2.2.104-2.el7.x86_64"
        },
        "product_reference": "rh-dotnet22-dotnet-debuginfo-0:2.2.104-2.el7.x86_64",
        "relates_to_product_reference": "7Server-dotNET-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnet22-dotnet-host-0:2.2.2-2.el7.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-dotNET-2.2:rh-dotnet22-dotnet-host-0:2.2.2-2.el7.x86_64"
        },
        "product_reference": "rh-dotnet22-dotnet-host-0:2.2.2-2.el7.x86_64",
        "relates_to_product_reference": "7Server-dotNET-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnet22-dotnet-host-fxr-2.2-0:2.2.2-2.el7.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-dotNET-2.2:rh-dotnet22-dotnet-host-fxr-2.2-0:2.2.2-2.el7.x86_64"
        },
        "product_reference": "rh-dotnet22-dotnet-host-fxr-2.2-0:2.2.2-2.el7.x86_64",
        "relates_to_product_reference": "7Server-dotNET-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnet22-dotnet-runtime-2.2-0:2.2.2-2.el7.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-dotNET-2.2:rh-dotnet22-dotnet-runtime-2.2-0:2.2.2-2.el7.x86_64"
        },
        "product_reference": "rh-dotnet22-dotnet-runtime-2.2-0:2.2.2-2.el7.x86_64",
        "relates_to_product_reference": "7Server-dotNET-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnet22-dotnet-sdk-2.2-0:2.2.104-2.el7.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-dotNET-2.2:rh-dotnet22-dotnet-sdk-2.2-0:2.2.104-2.el7.x86_64"
        },
        "product_reference": "rh-dotnet22-dotnet-sdk-2.2-0:2.2.104-2.el7.x86_64",
        "relates_to_product_reference": "7Server-dotNET-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnet22-dotnet-sdk-2.2.1xx-0:2.2.104-2.el7.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-dotNET-2.2:rh-dotnet22-dotnet-sdk-2.2.1xx-0:2.2.104-2.el7.x86_64"
        },
        "product_reference": "rh-dotnet22-dotnet-sdk-2.2.1xx-0:2.2.104-2.el7.x86_64",
        "relates_to_product_reference": "7Server-dotNET-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnet22-runtime-0:2.2-3.el7.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-dotNET-2.2:rh-dotnet22-runtime-0:2.2-3.el7.x86_64"
        },
        "product_reference": "rh-dotnet22-runtime-0:2.2-3.el7.x86_64",
        "relates_to_product_reference": "7Server-dotNET-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnetcore10-dotnetcore-0:1.0.14-1.el7.src as a component of .NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-dotNET-1.0:rh-dotnetcore10-dotnetcore-0:1.0.14-1.el7.src"
        },
        "product_reference": "rh-dotnetcore10-dotnetcore-0:1.0.14-1.el7.src",
        "relates_to_product_reference": "7Workstation-dotNET-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnetcore10-dotnetcore-0:1.0.14-1.el7.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-dotNET-1.0:rh-dotnetcore10-dotnetcore-0:1.0.14-1.el7.x86_64"
        },
        "product_reference": "rh-dotnetcore10-dotnetcore-0:1.0.14-1.el7.x86_64",
        "relates_to_product_reference": "7Workstation-dotNET-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnetcore10-dotnetcore-debuginfo-0:1.0.14-1.el7.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-dotNET-1.0:rh-dotnetcore10-dotnetcore-debuginfo-0:1.0.14-1.el7.x86_64"
        },
        "product_reference": "rh-dotnetcore10-dotnetcore-debuginfo-0:1.0.14-1.el7.x86_64",
        "relates_to_product_reference": "7Workstation-dotNET-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnetcore11-dotnetcore-0:1.1.11-2.el7.src as a component of .NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-dotNET-1.1:rh-dotnetcore11-dotnetcore-0:1.1.11-2.el7.src"
        },
        "product_reference": "rh-dotnetcore11-dotnetcore-0:1.1.11-2.el7.src",
        "relates_to_product_reference": "7Workstation-dotNET-1.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnetcore11-dotnetcore-0:1.1.11-2.el7.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-dotNET-1.1:rh-dotnetcore11-dotnetcore-0:1.1.11-2.el7.x86_64"
        },
        "product_reference": "rh-dotnetcore11-dotnetcore-0:1.1.11-2.el7.x86_64",
        "relates_to_product_reference": "7Workstation-dotNET-1.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnetcore11-dotnetcore-debuginfo-0:1.1.11-2.el7.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-dotNET-1.1:rh-dotnetcore11-dotnetcore-debuginfo-0:1.1.11-2.el7.x86_64"
        },
        "product_reference": "rh-dotnetcore11-dotnetcore-debuginfo-0:1.1.11-2.el7.x86_64",
        "relates_to_product_reference": "7Workstation-dotNET-1.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnet21-0:2.1-7.el7.src as a component of .NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-dotNET-2.1:rh-dotnet21-0:2.1-7.el7.src"
        },
        "product_reference": "rh-dotnet21-0:2.1-7.el7.src",
        "relates_to_product_reference": "7Workstation-dotNET-2.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnet21-0:2.1-7.el7.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-dotNET-2.1:rh-dotnet21-0:2.1-7.el7.x86_64"
        },
        "product_reference": "rh-dotnet21-0:2.1-7.el7.x86_64",
        "relates_to_product_reference": "7Workstation-dotNET-2.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnet21-dotnet-0:2.1.504-1.el7.src as a component of .NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-dotNET-2.1:rh-dotnet21-dotnet-0:2.1.504-1.el7.src"
        },
        "product_reference": "rh-dotnet21-dotnet-0:2.1.504-1.el7.src",
        "relates_to_product_reference": "7Workstation-dotNET-2.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnet21-dotnet-0:2.1.504-1.el7.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-dotNET-2.1:rh-dotnet21-dotnet-0:2.1.504-1.el7.x86_64"
        },
        "product_reference": "rh-dotnet21-dotnet-0:2.1.504-1.el7.x86_64",
        "relates_to_product_reference": "7Workstation-dotNET-2.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnet21-dotnet-debuginfo-0:2.1.504-1.el7.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-dotNET-2.1:rh-dotnet21-dotnet-debuginfo-0:2.1.504-1.el7.x86_64"
        },
        "product_reference": "rh-dotnet21-dotnet-debuginfo-0:2.1.504-1.el7.x86_64",
        "relates_to_product_reference": "7Workstation-dotNET-2.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnet21-dotnet-host-0:2.1.8-1.el7.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-dotNET-2.1:rh-dotnet21-dotnet-host-0:2.1.8-1.el7.x86_64"
        },
        "product_reference": "rh-dotnet21-dotnet-host-0:2.1.8-1.el7.x86_64",
        "relates_to_product_reference": "7Workstation-dotNET-2.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnet21-dotnet-runtime-2.1-0:2.1.8-1.el7.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-dotNET-2.1:rh-dotnet21-dotnet-runtime-2.1-0:2.1.8-1.el7.x86_64"
        },
        "product_reference": "rh-dotnet21-dotnet-runtime-2.1-0:2.1.8-1.el7.x86_64",
        "relates_to_product_reference": "7Workstation-dotNET-2.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnet21-dotnet-sdk-2.1-0:2.1.504-1.el7.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-dotNET-2.1:rh-dotnet21-dotnet-sdk-2.1-0:2.1.504-1.el7.x86_64"
        },
        "product_reference": "rh-dotnet21-dotnet-sdk-2.1-0:2.1.504-1.el7.x86_64",
        "relates_to_product_reference": "7Workstation-dotNET-2.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnet21-dotnet-sdk-2.1.5xx-0:2.1.504-1.el7.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-dotNET-2.1:rh-dotnet21-dotnet-sdk-2.1.5xx-0:2.1.504-1.el7.x86_64"
        },
        "product_reference": "rh-dotnet21-dotnet-sdk-2.1.5xx-0:2.1.504-1.el7.x86_64",
        "relates_to_product_reference": "7Workstation-dotNET-2.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnet21-runtime-0:2.1-7.el7.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-dotNET-2.1:rh-dotnet21-runtime-0:2.1-7.el7.x86_64"
        },
        "product_reference": "rh-dotnet21-runtime-0:2.1-7.el7.x86_64",
        "relates_to_product_reference": "7Workstation-dotNET-2.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnet22-0:2.2-3.el7.src as a component of .NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-dotNET-2.2:rh-dotnet22-0:2.2-3.el7.src"
        },
        "product_reference": "rh-dotnet22-0:2.2-3.el7.src",
        "relates_to_product_reference": "7Workstation-dotNET-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnet22-0:2.2-3.el7.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-dotNET-2.2:rh-dotnet22-0:2.2-3.el7.x86_64"
        },
        "product_reference": "rh-dotnet22-0:2.2-3.el7.x86_64",
        "relates_to_product_reference": "7Workstation-dotNET-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnet22-dotnet-0:2.2.104-2.el7.src as a component of .NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-dotNET-2.2:rh-dotnet22-dotnet-0:2.2.104-2.el7.src"
        },
        "product_reference": "rh-dotnet22-dotnet-0:2.2.104-2.el7.src",
        "relates_to_product_reference": "7Workstation-dotNET-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnet22-dotnet-0:2.2.104-2.el7.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-dotNET-2.2:rh-dotnet22-dotnet-0:2.2.104-2.el7.x86_64"
        },
        "product_reference": "rh-dotnet22-dotnet-0:2.2.104-2.el7.x86_64",
        "relates_to_product_reference": "7Workstation-dotNET-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnet22-dotnet-debuginfo-0:2.2.104-2.el7.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-dotNET-2.2:rh-dotnet22-dotnet-debuginfo-0:2.2.104-2.el7.x86_64"
        },
        "product_reference": "rh-dotnet22-dotnet-debuginfo-0:2.2.104-2.el7.x86_64",
        "relates_to_product_reference": "7Workstation-dotNET-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnet22-dotnet-host-0:2.2.2-2.el7.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-dotNET-2.2:rh-dotnet22-dotnet-host-0:2.2.2-2.el7.x86_64"
        },
        "product_reference": "rh-dotnet22-dotnet-host-0:2.2.2-2.el7.x86_64",
        "relates_to_product_reference": "7Workstation-dotNET-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnet22-dotnet-host-fxr-2.2-0:2.2.2-2.el7.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-dotNET-2.2:rh-dotnet22-dotnet-host-fxr-2.2-0:2.2.2-2.el7.x86_64"
        },
        "product_reference": "rh-dotnet22-dotnet-host-fxr-2.2-0:2.2.2-2.el7.x86_64",
        "relates_to_product_reference": "7Workstation-dotNET-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnet22-dotnet-runtime-2.2-0:2.2.2-2.el7.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-dotNET-2.2:rh-dotnet22-dotnet-runtime-2.2-0:2.2.2-2.el7.x86_64"
        },
        "product_reference": "rh-dotnet22-dotnet-runtime-2.2-0:2.2.2-2.el7.x86_64",
        "relates_to_product_reference": "7Workstation-dotNET-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnet22-dotnet-sdk-2.2-0:2.2.104-2.el7.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-dotNET-2.2:rh-dotnet22-dotnet-sdk-2.2-0:2.2.104-2.el7.x86_64"
        },
        "product_reference": "rh-dotnet22-dotnet-sdk-2.2-0:2.2.104-2.el7.x86_64",
        "relates_to_product_reference": "7Workstation-dotNET-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnet22-dotnet-sdk-2.2.1xx-0:2.2.104-2.el7.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-dotNET-2.2:rh-dotnet22-dotnet-sdk-2.2.1xx-0:2.2.104-2.el7.x86_64"
        },
        "product_reference": "rh-dotnet22-dotnet-sdk-2.2.1xx-0:2.2.104-2.el7.x86_64",
        "relates_to_product_reference": "7Workstation-dotNET-2.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rh-dotnet22-runtime-0:2.2-3.el7.x86_64 as a component of .NET Core on Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-dotNET-2.2:rh-dotnet22-runtime-0:2.2-3.el7.x86_64"
        },
        "product_reference": "rh-dotnet22-runtime-0:2.2-3.el7.x86_64",
        "relates_to_product_reference": "7Workstation-dotNET-2.2"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2019-0657",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2019-02-07T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1673891"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability exists in certain .Net Framework API\u0027s and Visual Studio in the way they parse URL\u0027s, aka \u0027.NET Framework and Visual Studio Spoofing Vulnerability\u0027.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "dotnet: Domain-spoofing attack in System.Uri",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7ComputeNode-dotNET-1.0:rh-dotnetcore10-dotnetcore-0:1.0.14-1.el7.src",
          "7ComputeNode-dotNET-1.0:rh-dotnetcore10-dotnetcore-0:1.0.14-1.el7.x86_64",
          "7ComputeNode-dotNET-1.0:rh-dotnetcore10-dotnetcore-debuginfo-0:1.0.14-1.el7.x86_64",
          "7ComputeNode-dotNET-1.1:rh-dotnetcore11-dotnetcore-0:1.1.11-2.el7.src",
          "7ComputeNode-dotNET-1.1:rh-dotnetcore11-dotnetcore-0:1.1.11-2.el7.x86_64",
          "7ComputeNode-dotNET-1.1:rh-dotnetcore11-dotnetcore-debuginfo-0:1.1.11-2.el7.x86_64",
          "7ComputeNode-dotNET-2.1:rh-dotnet21-0:2.1-7.el7.src",
          "7ComputeNode-dotNET-2.1:rh-dotnet21-0:2.1-7.el7.x86_64",
          "7ComputeNode-dotNET-2.1:rh-dotnet21-dotnet-0:2.1.504-1.el7.src",
          "7ComputeNode-dotNET-2.1:rh-dotnet21-dotnet-0:2.1.504-1.el7.x86_64",
          "7ComputeNode-dotNET-2.1:rh-dotnet21-dotnet-debuginfo-0:2.1.504-1.el7.x86_64",
          "7ComputeNode-dotNET-2.1:rh-dotnet21-dotnet-host-0:2.1.8-1.el7.x86_64",
          "7ComputeNode-dotNET-2.1:rh-dotnet21-dotnet-runtime-2.1-0:2.1.8-1.el7.x86_64",
          "7ComputeNode-dotNET-2.1:rh-dotnet21-dotnet-sdk-2.1-0:2.1.504-1.el7.x86_64",
          "7ComputeNode-dotNET-2.1:rh-dotnet21-dotnet-sdk-2.1.5xx-0:2.1.504-1.el7.x86_64",
          "7ComputeNode-dotNET-2.1:rh-dotnet21-runtime-0:2.1-7.el7.x86_64",
          "7ComputeNode-dotNET-2.2:rh-dotnet22-0:2.2-3.el7.src",
          "7ComputeNode-dotNET-2.2:rh-dotnet22-0:2.2-3.el7.x86_64",
          "7ComputeNode-dotNET-2.2:rh-dotnet22-dotnet-0:2.2.104-2.el7.src",
          "7ComputeNode-dotNET-2.2:rh-dotnet22-dotnet-0:2.2.104-2.el7.x86_64",
          "7ComputeNode-dotNET-2.2:rh-dotnet22-dotnet-debuginfo-0:2.2.104-2.el7.x86_64",
          "7ComputeNode-dotNET-2.2:rh-dotnet22-dotnet-host-0:2.2.2-2.el7.x86_64",
          "7ComputeNode-dotNET-2.2:rh-dotnet22-dotnet-host-fxr-2.2-0:2.2.2-2.el7.x86_64",
          "7ComputeNode-dotNET-2.2:rh-dotnet22-dotnet-runtime-2.2-0:2.2.2-2.el7.x86_64",
          "7ComputeNode-dotNET-2.2:rh-dotnet22-dotnet-sdk-2.2-0:2.2.104-2.el7.x86_64",
          "7ComputeNode-dotNET-2.2:rh-dotnet22-dotnet-sdk-2.2.1xx-0:2.2.104-2.el7.x86_64",
          "7ComputeNode-dotNET-2.2:rh-dotnet22-runtime-0:2.2-3.el7.x86_64",
          "7Server-dotNET-1.0:rh-dotnetcore10-dotnetcore-0:1.0.14-1.el7.src",
          "7Server-dotNET-1.0:rh-dotnetcore10-dotnetcore-0:1.0.14-1.el7.x86_64",
          "7Server-dotNET-1.0:rh-dotnetcore10-dotnetcore-debuginfo-0:1.0.14-1.el7.x86_64",
          "7Server-dotNET-1.1:rh-dotnetcore11-dotnetcore-0:1.1.11-2.el7.src",
          "7Server-dotNET-1.1:rh-dotnetcore11-dotnetcore-0:1.1.11-2.el7.x86_64",
          "7Server-dotNET-1.1:rh-dotnetcore11-dotnetcore-debuginfo-0:1.1.11-2.el7.x86_64",
          "7Server-dotNET-2.1:rh-dotnet21-0:2.1-7.el7.src",
          "7Server-dotNET-2.1:rh-dotnet21-0:2.1-7.el7.x86_64",
          "7Server-dotNET-2.1:rh-dotnet21-dotnet-0:2.1.504-1.el7.src",
          "7Server-dotNET-2.1:rh-dotnet21-dotnet-0:2.1.504-1.el7.x86_64",
          "7Server-dotNET-2.1:rh-dotnet21-dotnet-debuginfo-0:2.1.504-1.el7.x86_64",
          "7Server-dotNET-2.1:rh-dotnet21-dotnet-host-0:2.1.8-1.el7.x86_64",
          "7Server-dotNET-2.1:rh-dotnet21-dotnet-runtime-2.1-0:2.1.8-1.el7.x86_64",
          "7Server-dotNET-2.1:rh-dotnet21-dotnet-sdk-2.1-0:2.1.504-1.el7.x86_64",
          "7Server-dotNET-2.1:rh-dotnet21-dotnet-sdk-2.1.5xx-0:2.1.504-1.el7.x86_64",
          "7Server-dotNET-2.1:rh-dotnet21-runtime-0:2.1-7.el7.x86_64",
          "7Server-dotNET-2.2:rh-dotnet22-0:2.2-3.el7.src",
          "7Server-dotNET-2.2:rh-dotnet22-0:2.2-3.el7.x86_64",
          "7Server-dotNET-2.2:rh-dotnet22-dotnet-0:2.2.104-2.el7.src",
          "7Server-dotNET-2.2:rh-dotnet22-dotnet-0:2.2.104-2.el7.x86_64",
          "7Server-dotNET-2.2:rh-dotnet22-dotnet-debuginfo-0:2.2.104-2.el7.x86_64",
          "7Server-dotNET-2.2:rh-dotnet22-dotnet-host-0:2.2.2-2.el7.x86_64",
          "7Server-dotNET-2.2:rh-dotnet22-dotnet-host-fxr-2.2-0:2.2.2-2.el7.x86_64",
          "7Server-dotNET-2.2:rh-dotnet22-dotnet-runtime-2.2-0:2.2.2-2.el7.x86_64",
          "7Server-dotNET-2.2:rh-dotnet22-dotnet-sdk-2.2-0:2.2.104-2.el7.x86_64",
          "7Server-dotNET-2.2:rh-dotnet22-dotnet-sdk-2.2.1xx-0:2.2.104-2.el7.x86_64",
          "7Server-dotNET-2.2:rh-dotnet22-runtime-0:2.2-3.el7.x86_64",
          "7Workstation-dotNET-1.0:rh-dotnetcore10-dotnetcore-0:1.0.14-1.el7.src",
          "7Workstation-dotNET-1.0:rh-dotnetcore10-dotnetcore-0:1.0.14-1.el7.x86_64",
          "7Workstation-dotNET-1.0:rh-dotnetcore10-dotnetcore-debuginfo-0:1.0.14-1.el7.x86_64",
          "7Workstation-dotNET-1.1:rh-dotnetcore11-dotnetcore-0:1.1.11-2.el7.src",
          "7Workstation-dotNET-1.1:rh-dotnetcore11-dotnetcore-0:1.1.11-2.el7.x86_64",
          "7Workstation-dotNET-1.1:rh-dotnetcore11-dotnetcore-debuginfo-0:1.1.11-2.el7.x86_64",
          "7Workstation-dotNET-2.1:rh-dotnet21-0:2.1-7.el7.src",
          "7Workstation-dotNET-2.1:rh-dotnet21-0:2.1-7.el7.x86_64",
          "7Workstation-dotNET-2.1:rh-dotnet21-dotnet-0:2.1.504-1.el7.src",
          "7Workstation-dotNET-2.1:rh-dotnet21-dotnet-0:2.1.504-1.el7.x86_64",
          "7Workstation-dotNET-2.1:rh-dotnet21-dotnet-debuginfo-0:2.1.504-1.el7.x86_64",
          "7Workstation-dotNET-2.1:rh-dotnet21-dotnet-host-0:2.1.8-1.el7.x86_64",
          "7Workstation-dotNET-2.1:rh-dotnet21-dotnet-runtime-2.1-0:2.1.8-1.el7.x86_64",
          "7Workstation-dotNET-2.1:rh-dotnet21-dotnet-sdk-2.1-0:2.1.504-1.el7.x86_64",
          "7Workstation-dotNET-2.1:rh-dotnet21-dotnet-sdk-2.1.5xx-0:2.1.504-1.el7.x86_64",
          "7Workstation-dotNET-2.1:rh-dotnet21-runtime-0:2.1-7.el7.x86_64",
          "7Workstation-dotNET-2.2:rh-dotnet22-0:2.2-3.el7.src",
          "7Workstation-dotNET-2.2:rh-dotnet22-0:2.2-3.el7.x86_64",
          "7Workstation-dotNET-2.2:rh-dotnet22-dotnet-0:2.2.104-2.el7.src",
          "7Workstation-dotNET-2.2:rh-dotnet22-dotnet-0:2.2.104-2.el7.x86_64",
          "7Workstation-dotNET-2.2:rh-dotnet22-dotnet-debuginfo-0:2.2.104-2.el7.x86_64",
          "7Workstation-dotNET-2.2:rh-dotnet22-dotnet-host-0:2.2.2-2.el7.x86_64",
          "7Workstation-dotNET-2.2:rh-dotnet22-dotnet-host-fxr-2.2-0:2.2.2-2.el7.x86_64",
          "7Workstation-dotNET-2.2:rh-dotnet22-dotnet-runtime-2.2-0:2.2.2-2.el7.x86_64",
          "7Workstation-dotNET-2.2:rh-dotnet22-dotnet-sdk-2.2-0:2.2.104-2.el7.x86_64",
          "7Workstation-dotNET-2.2:rh-dotnet22-dotnet-sdk-2.2.1xx-0:2.2.104-2.el7.x86_64",
          "7Workstation-dotNET-2.2:rh-dotnet22-runtime-0:2.2-3.el7.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2019-0657"
        },
        {
          "category": "external",
          "summary": "RHBZ#1673891",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1673891"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2019-0657",
          "url": "https://www.cve.org/CVERecord?id=CVE-2019-0657"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-0657",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0657"
        }
      ],
      "release_date": "2019-02-12T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2019-02-14T10:36:08+00:00",
          "details": "For details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7ComputeNode-dotNET-1.0:rh-dotnetcore10-dotnetcore-0:1.0.14-1.el7.src",
            "7ComputeNode-dotNET-1.0:rh-dotnetcore10-dotnetcore-0:1.0.14-1.el7.x86_64",
            "7ComputeNode-dotNET-1.0:rh-dotnetcore10-dotnetcore-debuginfo-0:1.0.14-1.el7.x86_64",
            "7ComputeNode-dotNET-1.1:rh-dotnetcore11-dotnetcore-0:1.1.11-2.el7.src",
            "7ComputeNode-dotNET-1.1:rh-dotnetcore11-dotnetcore-0:1.1.11-2.el7.x86_64",
            "7ComputeNode-dotNET-1.1:rh-dotnetcore11-dotnetcore-debuginfo-0:1.1.11-2.el7.x86_64",
            "7ComputeNode-dotNET-2.1:rh-dotnet21-0:2.1-7.el7.src",
            "7ComputeNode-dotNET-2.1:rh-dotnet21-0:2.1-7.el7.x86_64",
            "7ComputeNode-dotNET-2.1:rh-dotnet21-dotnet-0:2.1.504-1.el7.src",
            "7ComputeNode-dotNET-2.1:rh-dotnet21-dotnet-0:2.1.504-1.el7.x86_64",
            "7ComputeNode-dotNET-2.1:rh-dotnet21-dotnet-debuginfo-0:2.1.504-1.el7.x86_64",
            "7ComputeNode-dotNET-2.1:rh-dotnet21-dotnet-host-0:2.1.8-1.el7.x86_64",
            "7ComputeNode-dotNET-2.1:rh-dotnet21-dotnet-runtime-2.1-0:2.1.8-1.el7.x86_64",
            "7ComputeNode-dotNET-2.1:rh-dotnet21-dotnet-sdk-2.1-0:2.1.504-1.el7.x86_64",
            "7ComputeNode-dotNET-2.1:rh-dotnet21-dotnet-sdk-2.1.5xx-0:2.1.504-1.el7.x86_64",
            "7ComputeNode-dotNET-2.1:rh-dotnet21-runtime-0:2.1-7.el7.x86_64",
            "7ComputeNode-dotNET-2.2:rh-dotnet22-0:2.2-3.el7.src",
            "7ComputeNode-dotNET-2.2:rh-dotnet22-0:2.2-3.el7.x86_64",
            "7ComputeNode-dotNET-2.2:rh-dotnet22-dotnet-0:2.2.104-2.el7.src",
            "7ComputeNode-dotNET-2.2:rh-dotnet22-dotnet-0:2.2.104-2.el7.x86_64",
            "7ComputeNode-dotNET-2.2:rh-dotnet22-dotnet-debuginfo-0:2.2.104-2.el7.x86_64",
            "7ComputeNode-dotNET-2.2:rh-dotnet22-dotnet-host-0:2.2.2-2.el7.x86_64",
            "7ComputeNode-dotNET-2.2:rh-dotnet22-dotnet-host-fxr-2.2-0:2.2.2-2.el7.x86_64",
            "7ComputeNode-dotNET-2.2:rh-dotnet22-dotnet-runtime-2.2-0:2.2.2-2.el7.x86_64",
            "7ComputeNode-dotNET-2.2:rh-dotnet22-dotnet-sdk-2.2-0:2.2.104-2.el7.x86_64",
            "7ComputeNode-dotNET-2.2:rh-dotnet22-dotnet-sdk-2.2.1xx-0:2.2.104-2.el7.x86_64",
            "7ComputeNode-dotNET-2.2:rh-dotnet22-runtime-0:2.2-3.el7.x86_64",
            "7Server-dotNET-1.0:rh-dotnetcore10-dotnetcore-0:1.0.14-1.el7.src",
            "7Server-dotNET-1.0:rh-dotnetcore10-dotnetcore-0:1.0.14-1.el7.x86_64",
            "7Server-dotNET-1.0:rh-dotnetcore10-dotnetcore-debuginfo-0:1.0.14-1.el7.x86_64",
            "7Server-dotNET-1.1:rh-dotnetcore11-dotnetcore-0:1.1.11-2.el7.src",
            "7Server-dotNET-1.1:rh-dotnetcore11-dotnetcore-0:1.1.11-2.el7.x86_64",
            "7Server-dotNET-1.1:rh-dotnetcore11-dotnetcore-debuginfo-0:1.1.11-2.el7.x86_64",
            "7Server-dotNET-2.1:rh-dotnet21-0:2.1-7.el7.src",
            "7Server-dotNET-2.1:rh-dotnet21-0:2.1-7.el7.x86_64",
            "7Server-dotNET-2.1:rh-dotnet21-dotnet-0:2.1.504-1.el7.src",
            "7Server-dotNET-2.1:rh-dotnet21-dotnet-0:2.1.504-1.el7.x86_64",
            "7Server-dotNET-2.1:rh-dotnet21-dotnet-debuginfo-0:2.1.504-1.el7.x86_64",
            "7Server-dotNET-2.1:rh-dotnet21-dotnet-host-0:2.1.8-1.el7.x86_64",
            "7Server-dotNET-2.1:rh-dotnet21-dotnet-runtime-2.1-0:2.1.8-1.el7.x86_64",
            "7Server-dotNET-2.1:rh-dotnet21-dotnet-sdk-2.1-0:2.1.504-1.el7.x86_64",
            "7Server-dotNET-2.1:rh-dotnet21-dotnet-sdk-2.1.5xx-0:2.1.504-1.el7.x86_64",
            "7Server-dotNET-2.1:rh-dotnet21-runtime-0:2.1-7.el7.x86_64",
            "7Server-dotNET-2.2:rh-dotnet22-0:2.2-3.el7.src",
            "7Server-dotNET-2.2:rh-dotnet22-0:2.2-3.el7.x86_64",
            "7Server-dotNET-2.2:rh-dotnet22-dotnet-0:2.2.104-2.el7.src",
            "7Server-dotNET-2.2:rh-dotnet22-dotnet-0:2.2.104-2.el7.x86_64",
            "7Server-dotNET-2.2:rh-dotnet22-dotnet-debuginfo-0:2.2.104-2.el7.x86_64",
            "7Server-dotNET-2.2:rh-dotnet22-dotnet-host-0:2.2.2-2.el7.x86_64",
            "7Server-dotNET-2.2:rh-dotnet22-dotnet-host-fxr-2.2-0:2.2.2-2.el7.x86_64",
            "7Server-dotNET-2.2:rh-dotnet22-dotnet-runtime-2.2-0:2.2.2-2.el7.x86_64",
            "7Server-dotNET-2.2:rh-dotnet22-dotnet-sdk-2.2-0:2.2.104-2.el7.x86_64",
            "7Server-dotNET-2.2:rh-dotnet22-dotnet-sdk-2.2.1xx-0:2.2.104-2.el7.x86_64",
            "7Server-dotNET-2.2:rh-dotnet22-runtime-0:2.2-3.el7.x86_64",
            "7Workstation-dotNET-1.0:rh-dotnetcore10-dotnetcore-0:1.0.14-1.el7.src",
            "7Workstation-dotNET-1.0:rh-dotnetcore10-dotnetcore-0:1.0.14-1.el7.x86_64",
            "7Workstation-dotNET-1.0:rh-dotnetcore10-dotnetcore-debuginfo-0:1.0.14-1.el7.x86_64",
            "7Workstation-dotNET-1.1:rh-dotnetcore11-dotnetcore-0:1.1.11-2.el7.src",
            "7Workstation-dotNET-1.1:rh-dotnetcore11-dotnetcore-0:1.1.11-2.el7.x86_64",
            "7Workstation-dotNET-1.1:rh-dotnetcore11-dotnetcore-debuginfo-0:1.1.11-2.el7.x86_64",
            "7Workstation-dotNET-2.1:rh-dotnet21-0:2.1-7.el7.src",
            "7Workstation-dotNET-2.1:rh-dotnet21-0:2.1-7.el7.x86_64",
            "7Workstation-dotNET-2.1:rh-dotnet21-dotnet-0:2.1.504-1.el7.src",
            "7Workstation-dotNET-2.1:rh-dotnet21-dotnet-0:2.1.504-1.el7.x86_64",
            "7Workstation-dotNET-2.1:rh-dotnet21-dotnet-debuginfo-0:2.1.504-1.el7.x86_64",
            "7Workstation-dotNET-2.1:rh-dotnet21-dotnet-host-0:2.1.8-1.el7.x86_64",
            "7Workstation-dotNET-2.1:rh-dotnet21-dotnet-runtime-2.1-0:2.1.8-1.el7.x86_64",
            "7Workstation-dotNET-2.1:rh-dotnet21-dotnet-sdk-2.1-0:2.1.504-1.el7.x86_64",
            "7Workstation-dotNET-2.1:rh-dotnet21-dotnet-sdk-2.1.5xx-0:2.1.504-1.el7.x86_64",
            "7Workstation-dotNET-2.1:rh-dotnet21-runtime-0:2.1-7.el7.x86_64",
            "7Workstation-dotNET-2.2:rh-dotnet22-0:2.2-3.el7.src",
            "7Workstation-dotNET-2.2:rh-dotnet22-0:2.2-3.el7.x86_64",
            "7Workstation-dotNET-2.2:rh-dotnet22-dotnet-0:2.2.104-2.el7.src",
            "7Workstation-dotNET-2.2:rh-dotnet22-dotnet-0:2.2.104-2.el7.x86_64",
            "7Workstation-dotNET-2.2:rh-dotnet22-dotnet-debuginfo-0:2.2.104-2.el7.x86_64",
            "7Workstation-dotNET-2.2:rh-dotnet22-dotnet-host-0:2.2.2-2.el7.x86_64",
            "7Workstation-dotNET-2.2:rh-dotnet22-dotnet-host-fxr-2.2-0:2.2.2-2.el7.x86_64",
            "7Workstation-dotNET-2.2:rh-dotnet22-dotnet-runtime-2.2-0:2.2.2-2.el7.x86_64",
            "7Workstation-dotNET-2.2:rh-dotnet22-dotnet-sdk-2.2-0:2.2.104-2.el7.x86_64",
            "7Workstation-dotNET-2.2:rh-dotnet22-dotnet-sdk-2.2.1xx-0:2.2.104-2.el7.x86_64",
            "7Workstation-dotNET-2.2:rh-dotnet22-runtime-0:2.2-3.el7.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2019:0349"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "7ComputeNode-dotNET-1.0:rh-dotnetcore10-dotnetcore-0:1.0.14-1.el7.src",
            "7ComputeNode-dotNET-1.0:rh-dotnetcore10-dotnetcore-0:1.0.14-1.el7.x86_64",
            "7ComputeNode-dotNET-1.0:rh-dotnetcore10-dotnetcore-debuginfo-0:1.0.14-1.el7.x86_64",
            "7ComputeNode-dotNET-1.1:rh-dotnetcore11-dotnetcore-0:1.1.11-2.el7.src",
            "7ComputeNode-dotNET-1.1:rh-dotnetcore11-dotnetcore-0:1.1.11-2.el7.x86_64",
            "7ComputeNode-dotNET-1.1:rh-dotnetcore11-dotnetcore-debuginfo-0:1.1.11-2.el7.x86_64",
            "7ComputeNode-dotNET-2.1:rh-dotnet21-0:2.1-7.el7.src",
            "7ComputeNode-dotNET-2.1:rh-dotnet21-0:2.1-7.el7.x86_64",
            "7ComputeNode-dotNET-2.1:rh-dotnet21-dotnet-0:2.1.504-1.el7.src",
            "7ComputeNode-dotNET-2.1:rh-dotnet21-dotnet-0:2.1.504-1.el7.x86_64",
            "7ComputeNode-dotNET-2.1:rh-dotnet21-dotnet-debuginfo-0:2.1.504-1.el7.x86_64",
            "7ComputeNode-dotNET-2.1:rh-dotnet21-dotnet-host-0:2.1.8-1.el7.x86_64",
            "7ComputeNode-dotNET-2.1:rh-dotnet21-dotnet-runtime-2.1-0:2.1.8-1.el7.x86_64",
            "7ComputeNode-dotNET-2.1:rh-dotnet21-dotnet-sdk-2.1-0:2.1.504-1.el7.x86_64",
            "7ComputeNode-dotNET-2.1:rh-dotnet21-dotnet-sdk-2.1.5xx-0:2.1.504-1.el7.x86_64",
            "7ComputeNode-dotNET-2.1:rh-dotnet21-runtime-0:2.1-7.el7.x86_64",
            "7ComputeNode-dotNET-2.2:rh-dotnet22-0:2.2-3.el7.src",
            "7ComputeNode-dotNET-2.2:rh-dotnet22-0:2.2-3.el7.x86_64",
            "7ComputeNode-dotNET-2.2:rh-dotnet22-dotnet-0:2.2.104-2.el7.src",
            "7ComputeNode-dotNET-2.2:rh-dotnet22-dotnet-0:2.2.104-2.el7.x86_64",
            "7ComputeNode-dotNET-2.2:rh-dotnet22-dotnet-debuginfo-0:2.2.104-2.el7.x86_64",
            "7ComputeNode-dotNET-2.2:rh-dotnet22-dotnet-host-0:2.2.2-2.el7.x86_64",
            "7ComputeNode-dotNET-2.2:rh-dotnet22-dotnet-host-fxr-2.2-0:2.2.2-2.el7.x86_64",
            "7ComputeNode-dotNET-2.2:rh-dotnet22-dotnet-runtime-2.2-0:2.2.2-2.el7.x86_64",
            "7ComputeNode-dotNET-2.2:rh-dotnet22-dotnet-sdk-2.2-0:2.2.104-2.el7.x86_64",
            "7ComputeNode-dotNET-2.2:rh-dotnet22-dotnet-sdk-2.2.1xx-0:2.2.104-2.el7.x86_64",
            "7ComputeNode-dotNET-2.2:rh-dotnet22-runtime-0:2.2-3.el7.x86_64",
            "7Server-dotNET-1.0:rh-dotnetcore10-dotnetcore-0:1.0.14-1.el7.src",
            "7Server-dotNET-1.0:rh-dotnetcore10-dotnetcore-0:1.0.14-1.el7.x86_64",
            "7Server-dotNET-1.0:rh-dotnetcore10-dotnetcore-debuginfo-0:1.0.14-1.el7.x86_64",
            "7Server-dotNET-1.1:rh-dotnetcore11-dotnetcore-0:1.1.11-2.el7.src",
            "7Server-dotNET-1.1:rh-dotnetcore11-dotnetcore-0:1.1.11-2.el7.x86_64",
            "7Server-dotNET-1.1:rh-dotnetcore11-dotnetcore-debuginfo-0:1.1.11-2.el7.x86_64",
            "7Server-dotNET-2.1:rh-dotnet21-0:2.1-7.el7.src",
            "7Server-dotNET-2.1:rh-dotnet21-0:2.1-7.el7.x86_64",
            "7Server-dotNET-2.1:rh-dotnet21-dotnet-0:2.1.504-1.el7.src",
            "7Server-dotNET-2.1:rh-dotnet21-dotnet-0:2.1.504-1.el7.x86_64",
            "7Server-dotNET-2.1:rh-dotnet21-dotnet-debuginfo-0:2.1.504-1.el7.x86_64",
            "7Server-dotNET-2.1:rh-dotnet21-dotnet-host-0:2.1.8-1.el7.x86_64",
            "7Server-dotNET-2.1:rh-dotnet21-dotnet-runtime-2.1-0:2.1.8-1.el7.x86_64",
            "7Server-dotNET-2.1:rh-dotnet21-dotnet-sdk-2.1-0:2.1.504-1.el7.x86_64",
            "7Server-dotNET-2.1:rh-dotnet21-dotnet-sdk-2.1.5xx-0:2.1.504-1.el7.x86_64",
            "7Server-dotNET-2.1:rh-dotnet21-runtime-0:2.1-7.el7.x86_64",
            "7Server-dotNET-2.2:rh-dotnet22-0:2.2-3.el7.src",
            "7Server-dotNET-2.2:rh-dotnet22-0:2.2-3.el7.x86_64",
            "7Server-dotNET-2.2:rh-dotnet22-dotnet-0:2.2.104-2.el7.src",
            "7Server-dotNET-2.2:rh-dotnet22-dotnet-0:2.2.104-2.el7.x86_64",
            "7Server-dotNET-2.2:rh-dotnet22-dotnet-debuginfo-0:2.2.104-2.el7.x86_64",
            "7Server-dotNET-2.2:rh-dotnet22-dotnet-host-0:2.2.2-2.el7.x86_64",
            "7Server-dotNET-2.2:rh-dotnet22-dotnet-host-fxr-2.2-0:2.2.2-2.el7.x86_64",
            "7Server-dotNET-2.2:rh-dotnet22-dotnet-runtime-2.2-0:2.2.2-2.el7.x86_64",
            "7Server-dotNET-2.2:rh-dotnet22-dotnet-sdk-2.2-0:2.2.104-2.el7.x86_64",
            "7Server-dotNET-2.2:rh-dotnet22-dotnet-sdk-2.2.1xx-0:2.2.104-2.el7.x86_64",
            "7Server-dotNET-2.2:rh-dotnet22-runtime-0:2.2-3.el7.x86_64",
            "7Workstation-dotNET-1.0:rh-dotnetcore10-dotnetcore-0:1.0.14-1.el7.src",
            "7Workstation-dotNET-1.0:rh-dotnetcore10-dotnetcore-0:1.0.14-1.el7.x86_64",
            "7Workstation-dotNET-1.0:rh-dotnetcore10-dotnetcore-debuginfo-0:1.0.14-1.el7.x86_64",
            "7Workstation-dotNET-1.1:rh-dotnetcore11-dotnetcore-0:1.1.11-2.el7.src",
            "7Workstation-dotNET-1.1:rh-dotnetcore11-dotnetcore-0:1.1.11-2.el7.x86_64",
            "7Workstation-dotNET-1.1:rh-dotnetcore11-dotnetcore-debuginfo-0:1.1.11-2.el7.x86_64",
            "7Workstation-dotNET-2.1:rh-dotnet21-0:2.1-7.el7.src",
            "7Workstation-dotNET-2.1:rh-dotnet21-0:2.1-7.el7.x86_64",
            "7Workstation-dotNET-2.1:rh-dotnet21-dotnet-0:2.1.504-1.el7.src",
            "7Workstation-dotNET-2.1:rh-dotnet21-dotnet-0:2.1.504-1.el7.x86_64",
            "7Workstation-dotNET-2.1:rh-dotnet21-dotnet-debuginfo-0:2.1.504-1.el7.x86_64",
            "7Workstation-dotNET-2.1:rh-dotnet21-dotnet-host-0:2.1.8-1.el7.x86_64",
            "7Workstation-dotNET-2.1:rh-dotnet21-dotnet-runtime-2.1-0:2.1.8-1.el7.x86_64",
            "7Workstation-dotNET-2.1:rh-dotnet21-dotnet-sdk-2.1-0:2.1.504-1.el7.x86_64",
            "7Workstation-dotNET-2.1:rh-dotnet21-dotnet-sdk-2.1.5xx-0:2.1.504-1.el7.x86_64",
            "7Workstation-dotNET-2.1:rh-dotnet21-runtime-0:2.1-7.el7.x86_64",
            "7Workstation-dotNET-2.2:rh-dotnet22-0:2.2-3.el7.src",
            "7Workstation-dotNET-2.2:rh-dotnet22-0:2.2-3.el7.x86_64",
            "7Workstation-dotNET-2.2:rh-dotnet22-dotnet-0:2.2.104-2.el7.src",
            "7Workstation-dotNET-2.2:rh-dotnet22-dotnet-0:2.2.104-2.el7.x86_64",
            "7Workstation-dotNET-2.2:rh-dotnet22-dotnet-debuginfo-0:2.2.104-2.el7.x86_64",
            "7Workstation-dotNET-2.2:rh-dotnet22-dotnet-host-0:2.2.2-2.el7.x86_64",
            "7Workstation-dotNET-2.2:rh-dotnet22-dotnet-host-fxr-2.2-0:2.2.2-2.el7.x86_64",
            "7Workstation-dotNET-2.2:rh-dotnet22-dotnet-runtime-2.2-0:2.2.2-2.el7.x86_64",
            "7Workstation-dotNET-2.2:rh-dotnet22-dotnet-sdk-2.2-0:2.2.104-2.el7.x86_64",
            "7Workstation-dotNET-2.2:rh-dotnet22-dotnet-sdk-2.2.1xx-0:2.2.104-2.el7.x86_64",
            "7Workstation-dotNET-2.2:rh-dotnet22-runtime-0:2.2-3.el7.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "dotnet: Domain-spoofing attack in System.Uri"
    }
  ]
}

ghsa-x5qj-9vmx-7g6g

Vulnerability from github

Published

2022-05-14 01:28

Modified

2022-07-08 19:33

Severity ?

5.9 (Medium) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

Summary

Improper Input Validation in .Net Framework API's

Details

A vulnerability exists in certain .Net Framework API's and Visual Studio in the way they parse URL's, aka '.NET Framework and Visual Studio Spoofing Vulnerability'.

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "NuGet",
        "name": "Microsoft.NETCore.App"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.2.0"
            },
            {
              "fixed": "2.2.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "NuGet",
        "name": "Microsoft.NETCore.App"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.1.0"
            },
            {
              "fixed": "2.1.8"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "NuGet",
        "name": "System.Private.Uri"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.3.0"
            },
            {
              "fixed": "4.3.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2019-0657"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-07-08T19:33:16Z",
    "nvd_published_at": "2019-03-05T23:29:00Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability exists in certain .Net Framework API\u0027s and Visual Studio in the way they parse URL\u0027s, aka \u0027.NET Framework and Visual Studio Spoofing Vulnerability\u0027.",
  "id": "GHSA-x5qj-9vmx-7g6g",
  "modified": "2022-07-08T19:33:16Z",
  "published": "2022-05-14T01:28:01Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0657"
    },
    {
      "type": "WEB",
      "url": "https://github.com/dotnet/announcements/issues/97"
    },
    {
      "type": "WEB",
      "url": "https://github.com/github/advisory-database/issues/302"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2019:0349"
    },
    {
      "type": "WEB",
      "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0657"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/106890"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Improper Input Validation in .Net Framework API\u0027s"
}

var-201903-1467

Vulnerability from variot

A vulnerability exists in certain .Net Framework API's and Visual Studio in the way they parse URL's, aka '.NET Framework and Visual Studio Spoofing Vulnerability'. plural Microsoft The product includes URL There is a vulnerability related to input validation due to incomplete analysis method. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256

====================================================================
Red Hat Security Advisory

Synopsis: Moderate: .NET Core on Red Hat Enterprise Linux security update for February 2019 Advisory ID: RHSA-2019:0349-01 Product: .NET Core on Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2019:0349 Issue date: 2019-02-14 CVE Names: CVE-2019-0657 ==================================================================== 1. Summary:

Updates for rh-dotnetcore10-dotnetcore, rh-dotnetcore11-dotnetcore, rh-dotnet21-dotnet, and rh-dotnet22-dotnet are now available for .NET Core on Red Hat Enterprise Linux.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Relevant releases/architectures:

.NET Core on Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 .NET Core on Red Hat Enterprise Linux Server (v. 7) - x86_64 .NET Core on Red Hat Enterprise Linux Workstation (v. 7) - x86_64

Description:

.NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation.

New versions of .NET Core that address security vulnerabilities are now available. The updated versions are .NET Core 1.0.14, 1.1.11, 2.1.8, and 2.2.2.

Security Fix(es):

.dotnet: Domain-spoofing attack in System.Uri (CVE-2019-0657)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

For more information, please refer to the upstream doc in the References section.

Solution:

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

Bugs fixed (https://bugzilla.redhat.com/):

1673891 - CVE-2019-0657 dotnet: Domain-spoofing attack in System.Uri

Package List:

.NET Core on Red Hat Enterprise Linux ComputeNode (v. 7):

Source: rh-dotnetcore10-dotnetcore-1.0.14-1.el7.src.rpm

x86_64: rh-dotnetcore10-dotnetcore-1.0.14-1.el7.x86_64.rpm rh-dotnetcore10-dotnetcore-debuginfo-1.0.14-1.el7.x86_64.rpm

.NET Core on Red Hat Enterprise Linux ComputeNode (v. 7):

Source: rh-dotnetcore11-dotnetcore-1.1.11-2.el7.src.rpm

x86_64: rh-dotnetcore11-dotnetcore-1.1.11-2.el7.x86_64.rpm rh-dotnetcore11-dotnetcore-debuginfo-1.1.11-2.el7.x86_64.rpm

.NET Core on Red Hat Enterprise Linux ComputeNode (v. 7):

Source: rh-dotnet21-2.1-7.el7.src.rpm rh-dotnet21-dotnet-2.1.504-1.el7.src.rpm

x86_64: rh-dotnet21-2.1-7.el7.x86_64.rpm rh-dotnet21-dotnet-2.1.504-1.el7.x86_64.rpm rh-dotnet21-dotnet-debuginfo-2.1.504-1.el7.x86_64.rpm rh-dotnet21-dotnet-host-2.1.8-1.el7.x86_64.rpm rh-dotnet21-dotnet-runtime-2.1-2.1.8-1.el7.x86_64.rpm rh-dotnet21-dotnet-sdk-2.1-2.1.504-1.el7.x86_64.rpm rh-dotnet21-dotnet-sdk-2.1.5xx-2.1.504-1.el7.x86_64.rpm rh-dotnet21-runtime-2.1-7.el7.x86_64.rpm

.NET Core on Red Hat Enterprise Linux ComputeNode (v. 7):

Source: rh-dotnet22-2.2-3.el7.src.rpm rh-dotnet22-dotnet-2.2.104-2.el7.src.rpm

x86_64: rh-dotnet22-2.2-3.el7.x86_64.rpm rh-dotnet22-dotnet-2.2.104-2.el7.x86_64.rpm rh-dotnet22-dotnet-debuginfo-2.2.104-2.el7.x86_64.rpm rh-dotnet22-dotnet-host-2.2.2-2.el7.x86_64.rpm rh-dotnet22-dotnet-host-fxr-2.2-2.2.2-2.el7.x86_64.rpm rh-dotnet22-dotnet-runtime-2.2-2.2.2-2.el7.x86_64.rpm rh-dotnet22-dotnet-sdk-2.2-2.2.104-2.el7.x86_64.rpm rh-dotnet22-dotnet-sdk-2.2.1xx-2.2.104-2.el7.x86_64.rpm rh-dotnet22-runtime-2.2-3.el7.x86_64.rpm

.NET Core on Red Hat Enterprise Linux Server (v. 7):

Source: rh-dotnetcore10-dotnetcore-1.0.14-1.el7.src.rpm

x86_64: rh-dotnetcore10-dotnetcore-1.0.14-1.el7.x86_64.rpm rh-dotnetcore10-dotnetcore-debuginfo-1.0.14-1.el7.x86_64.rpm

.NET Core on Red Hat Enterprise Linux Server (v. 7):

Source: rh-dotnetcore11-dotnetcore-1.1.11-2.el7.src.rpm

x86_64: rh-dotnetcore11-dotnetcore-1.1.11-2.el7.x86_64.rpm rh-dotnetcore11-dotnetcore-debuginfo-1.1.11-2.el7.x86_64.rpm

.NET Core on Red Hat Enterprise Linux Server (v. 7):

Source: rh-dotnet21-2.1-7.el7.src.rpm rh-dotnet21-dotnet-2.1.504-1.el7.src.rpm

x86_64: rh-dotnet21-2.1-7.el7.x86_64.rpm rh-dotnet21-dotnet-2.1.504-1.el7.x86_64.rpm rh-dotnet21-dotnet-debuginfo-2.1.504-1.el7.x86_64.rpm rh-dotnet21-dotnet-host-2.1.8-1.el7.x86_64.rpm rh-dotnet21-dotnet-runtime-2.1-2.1.8-1.el7.x86_64.rpm rh-dotnet21-dotnet-sdk-2.1-2.1.504-1.el7.x86_64.rpm rh-dotnet21-dotnet-sdk-2.1.5xx-2.1.504-1.el7.x86_64.rpm rh-dotnet21-runtime-2.1-7.el7.x86_64.rpm

.NET Core on Red Hat Enterprise Linux Server (v. 7):

Source: rh-dotnet22-2.2-3.el7.src.rpm rh-dotnet22-dotnet-2.2.104-2.el7.src.rpm

x86_64: rh-dotnet22-2.2-3.el7.x86_64.rpm rh-dotnet22-dotnet-2.2.104-2.el7.x86_64.rpm rh-dotnet22-dotnet-debuginfo-2.2.104-2.el7.x86_64.rpm rh-dotnet22-dotnet-host-2.2.2-2.el7.x86_64.rpm rh-dotnet22-dotnet-host-fxr-2.2-2.2.2-2.el7.x86_64.rpm rh-dotnet22-dotnet-runtime-2.2-2.2.2-2.el7.x86_64.rpm rh-dotnet22-dotnet-sdk-2.2-2.2.104-2.el7.x86_64.rpm rh-dotnet22-dotnet-sdk-2.2.1xx-2.2.104-2.el7.x86_64.rpm rh-dotnet22-runtime-2.2-3.el7.x86_64.rpm

.NET Core on Red Hat Enterprise Linux Workstation (v. 7):

Source: rh-dotnetcore10-dotnetcore-1.0.14-1.el7.src.rpm

x86_64: rh-dotnetcore10-dotnetcore-1.0.14-1.el7.x86_64.rpm rh-dotnetcore10-dotnetcore-debuginfo-1.0.14-1.el7.x86_64.rpm

.NET Core on Red Hat Enterprise Linux Workstation (v. 7):

Source: rh-dotnetcore11-dotnetcore-1.1.11-2.el7.src.rpm

x86_64: rh-dotnetcore11-dotnetcore-1.1.11-2.el7.x86_64.rpm rh-dotnetcore11-dotnetcore-debuginfo-1.1.11-2.el7.x86_64.rpm

.NET Core on Red Hat Enterprise Linux Workstation (v. 7):

Source: rh-dotnet21-2.1-7.el7.src.rpm rh-dotnet21-dotnet-2.1.504-1.el7.src.rpm

x86_64: rh-dotnet21-2.1-7.el7.x86_64.rpm rh-dotnet21-dotnet-2.1.504-1.el7.x86_64.rpm rh-dotnet21-dotnet-debuginfo-2.1.504-1.el7.x86_64.rpm rh-dotnet21-dotnet-host-2.1.8-1.el7.x86_64.rpm rh-dotnet21-dotnet-runtime-2.1-2.1.8-1.el7.x86_64.rpm rh-dotnet21-dotnet-sdk-2.1-2.1.504-1.el7.x86_64.rpm rh-dotnet21-dotnet-sdk-2.1.5xx-2.1.504-1.el7.x86_64.rpm rh-dotnet21-runtime-2.1-7.el7.x86_64.rpm

.NET Core on Red Hat Enterprise Linux Workstation (v. 7):

Source: rh-dotnet22-2.2-3.el7.src.rpm rh-dotnet22-dotnet-2.2.104-2.el7.src.rpm

x86_64: rh-dotnet22-2.2-3.el7.x86_64.rpm rh-dotnet22-dotnet-2.2.104-2.el7.x86_64.rpm rh-dotnet22-dotnet-debuginfo-2.2.104-2.el7.x86_64.rpm rh-dotnet22-dotnet-host-2.2.2-2.el7.x86_64.rpm rh-dotnet22-dotnet-host-fxr-2.2-2.2.2-2.el7.x86_64.rpm rh-dotnet22-dotnet-runtime-2.2-2.2.2-2.el7.x86_64.rpm rh-dotnet22-dotnet-sdk-2.2-2.2.104-2.el7.x86_64.rpm rh-dotnet22-dotnet-sdk-2.2.1xx-2.2.104-2.el7.x86_64.rpm rh-dotnet22-runtime-2.2-3.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

References:

https://access.redhat.com/security/cve/CVE-2019-0657 https://access.redhat.com/security/updates/classification/#moderate https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0657

Contact:

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

iQIVAwUBXGTxZNzjgjWX9erEAQg28RAAkXyiq8u2m6G6BJN/7LqO31WHqXGmf+Em SeGsTnrnV9YpjFqPXby3WFz3AHGrTITrOy+JA2WyYTezgc3F4aZu28jHCgsuRJmU AvEg8XitYunmg9sxzr0SUmf8bleFUpawLNh+HiHC/fVUSrHA953yH6QjPDj3KT3+ 27SmMMmUvdqpZOxYrHN9iPfYiqONIKEkHq6vGkplqePPOkWja7v7r7UYm8I493zN cFLWzVI6N17qsLIqe2OduMtZ0tBcdOdKwjxi4BVbVwNmhV1qiXfBotP7RdRjvVgu SJw2LObFjPmfHBZX7c8Q+S4oWSLTO+YnqEzjRopXy8adaxxxFDvYCb5FJ5YGvFNK eI4SDGilbT73PXISefvmxjPM3Vu2T7yvvgGwg9Yl64DPgsLLFBxm2kEpXE7h3ZkH JiTBjT3eOPhuK43X5+X9VnM/9C7Add1xb9HMz1iWvJQidKKJ44FDGFhWoHXZMa2Z oca6jNXGpzqUtpMgsnC4ZM7WISyNtnVdBBE31xwEPl1ssi+Mrsq8lFWiFt1GUnQQ /DCPVS8L1aTsIb1q6SUTzqRkEMi2jADvP+tWohxMw/M2NNFKIEbfEgld2xO5X79F +edr0KVq8fgRgN9GP6rs+xNtS30uO6fLNLzXiT/7kgyvmadyuyzpye8mjDDlzJYX 1Uwk7uAgds0=IIGV -----END PGP SIGNATURE-----

-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201903-1467",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "powershell core",
        "scope": "eq",
        "trust": 2.1,
        "vendor": "microsoft",
        "version": "6.1"
      },
      {
        "model": ".net framework",
        "scope": "eq",
        "trust": 2.1,
        "vendor": "microsoft",
        "version": "4.7.2"
      },
      {
        "model": ".net framework",
        "scope": "eq",
        "trust": 2.1,
        "vendor": "microsoft",
        "version": "4.7.1"
      },
      {
        "model": ".net framework",
        "scope": "eq",
        "trust": 2.1,
        "vendor": "microsoft",
        "version": "4.6.2"
      },
      {
        "model": ".net framework",
        "scope": "eq",
        "trust": 2.1,
        "vendor": "microsoft",
        "version": "4.6.1"
      },
      {
        "model": ".net framework",
        "scope": "eq",
        "trust": 2.1,
        "vendor": "microsoft",
        "version": "3.5.1"
      },
      {
        "model": ".net framework",
        "scope": "eq",
        "trust": 2.1,
        "vendor": "microsoft",
        "version": "4.7"
      },
      {
        "model": ".net framework",
        "scope": "eq",
        "trust": 2.1,
        "vendor": "microsoft",
        "version": "4.6"
      },
      {
        "model": ".net framework",
        "scope": "eq",
        "trust": 2.1,
        "vendor": "microsoft",
        "version": "4.5.2"
      },
      {
        "model": ".net framework",
        "scope": "eq",
        "trust": 2.1,
        "vendor": "microsoft",
        "version": "3.5"
      },
      {
        "model": ".net core",
        "scope": "eq",
        "trust": 2.1,
        "vendor": "microsoft",
        "version": "2.2"
      },
      {
        "model": ".net core",
        "scope": "eq",
        "trust": 2.1,
        "vendor": "microsoft",
        "version": "2.1"
      },
      {
        "model": ".net core",
        "scope": "eq",
        "trust": 2.1,
        "vendor": "microsoft",
        "version": "1.0"
      },
      {
        "model": ".net framework",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "microsoft",
        "version": "3.0"
      },
      {
        "model": ".net framework",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "microsoft",
        "version": "2.0"
      },
      {
        "model": "powershell core",
        "scope": "eq",
        "trust": 1.1,
        "vendor": "microsoft",
        "version": "6.2"
      },
      {
        "model": "powershell core",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "microsoft",
        "version": "6.0"
      },
      {
        "model": "visual studio 2017",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "microsoft",
        "version": null
      },
      {
        "model": "visual studio 2017",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "microsoft",
        "version": "15.9"
      },
      {
        "model": ".net framework",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "microsoft",
        "version": "2.0 sp2"
      },
      {
        "model": ".net framework",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "microsoft",
        "version": "3.0 sp2"
      },
      {
        "model": "visual studio",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "microsoft",
        "version": "2017"
      },
      {
        "model": "visual studio",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "microsoft",
        "version": "2017 version 15.9"
      },
      {
        "model": "visual studio",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "microsoft",
        "version": "201715.9"
      },
      {
        "model": "visual studio",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "microsoft",
        "version": "20170"
      },
      {
        "model": ".net core",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "microsoft",
        "version": "1.1"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "106890"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-002326"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-0657"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:.net_core:1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:.net_core:2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:.net_core:2.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:visual_studio_2017:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:visual_studio_2017:15.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:powershell_core:6.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:powershell_core:6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:2.0:sp2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:3.0:sp2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:1709:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:3.5.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.5.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2008:-:sp1:*:*:*:*:x64:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.7.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.6.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.6.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.7.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2008:-:sp1:*:*:*:*:x64:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.7.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:1709:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.7.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2019-0657"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Jonathan Birch of Microsoft Corporation,Red Hat",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201902-374"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2019-0657",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Medium",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 4.3,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2019-0657",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 2.2,
            "impactScore": 3.6,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          {
            "attackComplexity": "High",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 5.9,
            "baseSeverity": "Medium",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2019-0657",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2019-0657",
            "trust": 1.8,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201902-374",
            "trust": 0.6,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-002326"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-0657"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201902-374"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability exists in certain .Net Framework API\u0027s and Visual Studio in the way they parse URL\u0027s, aka \u0027.NET Framework and Visual Studio Spoofing Vulnerability\u0027. plural Microsoft The product includes URL There is a vulnerability related to input validation due to incomplete analysis method. \nAn attacker can exploit this issue to conduct  spoofing attacks and perform unauthorized actions; other attacks are  also possible. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n====================================================================                   \nRed Hat Security Advisory\n\nSynopsis:          Moderate: .NET Core on Red Hat Enterprise Linux security update for February 2019\nAdvisory ID:       RHSA-2019:0349-01\nProduct:           .NET Core on Red Hat Enterprise Linux\nAdvisory URL:      https://access.redhat.com/errata/RHSA-2019:0349\nIssue date:        2019-02-14\nCVE Names:         CVE-2019-0657\n====================================================================\n1. Summary:\n\nUpdates for rh-dotnetcore10-dotnetcore, rh-dotnetcore11-dotnetcore,\nrh-dotnet21-dotnet, and rh-dotnet22-dotnet are now available for\n.NET Core on Red Hat Enterprise Linux. \n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\n.NET Core on Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64\n.NET Core on Red Hat Enterprise Linux Server (v. 7) - x86_64\n.NET Core on Red Hat Enterprise Linux Workstation (v. 7) - x86_64\n\n3. Description:\n\n.NET Core is a managed-software framework. It implements a subset of the\n.NET framework APIs and several new APIs, and it includes a CLR\nimplementation. \n\nNew versions of .NET Core that address security vulnerabilities are now\navailable. The updated versions are .NET Core 1.0.14, 1.1.11, 2.1.8, and\n2.2.2. \n\nSecurity Fix(es):\n\n* .dotnet: Domain-spoofing attack in System.Uri (CVE-2019-0657)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, and other related information, refer to the CVE page(s) listed in\nthe References section. \n\nFor more information, please refer to the upstream doc in the References\nsection. \n\n4. Solution:\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1673891 - CVE-2019-0657 dotnet: Domain-spoofing attack in System.Uri\n\n6. Package List:\n\n.NET Core on Red Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nrh-dotnetcore10-dotnetcore-1.0.14-1.el7.src.rpm\n\nx86_64:\nrh-dotnetcore10-dotnetcore-1.0.14-1.el7.x86_64.rpm\nrh-dotnetcore10-dotnetcore-debuginfo-1.0.14-1.el7.x86_64.rpm\n\n.NET Core on Red Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nrh-dotnetcore11-dotnetcore-1.1.11-2.el7.src.rpm\n\nx86_64:\nrh-dotnetcore11-dotnetcore-1.1.11-2.el7.x86_64.rpm\nrh-dotnetcore11-dotnetcore-debuginfo-1.1.11-2.el7.x86_64.rpm\n\n.NET Core on Red Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nrh-dotnet21-2.1-7.el7.src.rpm\nrh-dotnet21-dotnet-2.1.504-1.el7.src.rpm\n\nx86_64:\nrh-dotnet21-2.1-7.el7.x86_64.rpm\nrh-dotnet21-dotnet-2.1.504-1.el7.x86_64.rpm\nrh-dotnet21-dotnet-debuginfo-2.1.504-1.el7.x86_64.rpm\nrh-dotnet21-dotnet-host-2.1.8-1.el7.x86_64.rpm\nrh-dotnet21-dotnet-runtime-2.1-2.1.8-1.el7.x86_64.rpm\nrh-dotnet21-dotnet-sdk-2.1-2.1.504-1.el7.x86_64.rpm\nrh-dotnet21-dotnet-sdk-2.1.5xx-2.1.504-1.el7.x86_64.rpm\nrh-dotnet21-runtime-2.1-7.el7.x86_64.rpm\n\n.NET Core on Red Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nrh-dotnet22-2.2-3.el7.src.rpm\nrh-dotnet22-dotnet-2.2.104-2.el7.src.rpm\n\nx86_64:\nrh-dotnet22-2.2-3.el7.x86_64.rpm\nrh-dotnet22-dotnet-2.2.104-2.el7.x86_64.rpm\nrh-dotnet22-dotnet-debuginfo-2.2.104-2.el7.x86_64.rpm\nrh-dotnet22-dotnet-host-2.2.2-2.el7.x86_64.rpm\nrh-dotnet22-dotnet-host-fxr-2.2-2.2.2-2.el7.x86_64.rpm\nrh-dotnet22-dotnet-runtime-2.2-2.2.2-2.el7.x86_64.rpm\nrh-dotnet22-dotnet-sdk-2.2-2.2.104-2.el7.x86_64.rpm\nrh-dotnet22-dotnet-sdk-2.2.1xx-2.2.104-2.el7.x86_64.rpm\nrh-dotnet22-runtime-2.2-3.el7.x86_64.rpm\n\n.NET Core on Red Hat Enterprise Linux Server (v. 7):\n\nSource:\nrh-dotnetcore10-dotnetcore-1.0.14-1.el7.src.rpm\n\nx86_64:\nrh-dotnetcore10-dotnetcore-1.0.14-1.el7.x86_64.rpm\nrh-dotnetcore10-dotnetcore-debuginfo-1.0.14-1.el7.x86_64.rpm\n\n.NET Core on Red Hat Enterprise Linux Server (v. 7):\n\nSource:\nrh-dotnetcore11-dotnetcore-1.1.11-2.el7.src.rpm\n\nx86_64:\nrh-dotnetcore11-dotnetcore-1.1.11-2.el7.x86_64.rpm\nrh-dotnetcore11-dotnetcore-debuginfo-1.1.11-2.el7.x86_64.rpm\n\n.NET Core on Red Hat Enterprise Linux Server (v. 7):\n\nSource:\nrh-dotnet21-2.1-7.el7.src.rpm\nrh-dotnet21-dotnet-2.1.504-1.el7.src.rpm\n\nx86_64:\nrh-dotnet21-2.1-7.el7.x86_64.rpm\nrh-dotnet21-dotnet-2.1.504-1.el7.x86_64.rpm\nrh-dotnet21-dotnet-debuginfo-2.1.504-1.el7.x86_64.rpm\nrh-dotnet21-dotnet-host-2.1.8-1.el7.x86_64.rpm\nrh-dotnet21-dotnet-runtime-2.1-2.1.8-1.el7.x86_64.rpm\nrh-dotnet21-dotnet-sdk-2.1-2.1.504-1.el7.x86_64.rpm\nrh-dotnet21-dotnet-sdk-2.1.5xx-2.1.504-1.el7.x86_64.rpm\nrh-dotnet21-runtime-2.1-7.el7.x86_64.rpm\n\n.NET Core on Red Hat Enterprise Linux Server (v. 7):\n\nSource:\nrh-dotnet22-2.2-3.el7.src.rpm\nrh-dotnet22-dotnet-2.2.104-2.el7.src.rpm\n\nx86_64:\nrh-dotnet22-2.2-3.el7.x86_64.rpm\nrh-dotnet22-dotnet-2.2.104-2.el7.x86_64.rpm\nrh-dotnet22-dotnet-debuginfo-2.2.104-2.el7.x86_64.rpm\nrh-dotnet22-dotnet-host-2.2.2-2.el7.x86_64.rpm\nrh-dotnet22-dotnet-host-fxr-2.2-2.2.2-2.el7.x86_64.rpm\nrh-dotnet22-dotnet-runtime-2.2-2.2.2-2.el7.x86_64.rpm\nrh-dotnet22-dotnet-sdk-2.2-2.2.104-2.el7.x86_64.rpm\nrh-dotnet22-dotnet-sdk-2.2.1xx-2.2.104-2.el7.x86_64.rpm\nrh-dotnet22-runtime-2.2-3.el7.x86_64.rpm\n\n.NET Core on Red Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nrh-dotnetcore10-dotnetcore-1.0.14-1.el7.src.rpm\n\nx86_64:\nrh-dotnetcore10-dotnetcore-1.0.14-1.el7.x86_64.rpm\nrh-dotnetcore10-dotnetcore-debuginfo-1.0.14-1.el7.x86_64.rpm\n\n.NET Core on Red Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nrh-dotnetcore11-dotnetcore-1.1.11-2.el7.src.rpm\n\nx86_64:\nrh-dotnetcore11-dotnetcore-1.1.11-2.el7.x86_64.rpm\nrh-dotnetcore11-dotnetcore-debuginfo-1.1.11-2.el7.x86_64.rpm\n\n.NET Core on Red Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nrh-dotnet21-2.1-7.el7.src.rpm\nrh-dotnet21-dotnet-2.1.504-1.el7.src.rpm\n\nx86_64:\nrh-dotnet21-2.1-7.el7.x86_64.rpm\nrh-dotnet21-dotnet-2.1.504-1.el7.x86_64.rpm\nrh-dotnet21-dotnet-debuginfo-2.1.504-1.el7.x86_64.rpm\nrh-dotnet21-dotnet-host-2.1.8-1.el7.x86_64.rpm\nrh-dotnet21-dotnet-runtime-2.1-2.1.8-1.el7.x86_64.rpm\nrh-dotnet21-dotnet-sdk-2.1-2.1.504-1.el7.x86_64.rpm\nrh-dotnet21-dotnet-sdk-2.1.5xx-2.1.504-1.el7.x86_64.rpm\nrh-dotnet21-runtime-2.1-7.el7.x86_64.rpm\n\n.NET Core on Red Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nrh-dotnet22-2.2-3.el7.src.rpm\nrh-dotnet22-dotnet-2.2.104-2.el7.src.rpm\n\nx86_64:\nrh-dotnet22-2.2-3.el7.x86_64.rpm\nrh-dotnet22-dotnet-2.2.104-2.el7.x86_64.rpm\nrh-dotnet22-dotnet-debuginfo-2.2.104-2.el7.x86_64.rpm\nrh-dotnet22-dotnet-host-2.2.2-2.el7.x86_64.rpm\nrh-dotnet22-dotnet-host-fxr-2.2-2.2.2-2.el7.x86_64.rpm\nrh-dotnet22-dotnet-runtime-2.2-2.2.2-2.el7.x86_64.rpm\nrh-dotnet22-dotnet-sdk-2.2-2.2.104-2.el7.x86_64.rpm\nrh-dotnet22-dotnet-sdk-2.2.1xx-2.2.104-2.el7.x86_64.rpm\nrh-dotnet22-runtime-2.2-3.el7.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2019-0657\nhttps://access.redhat.com/security/updates/classification/#moderate\nhttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0657\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2019 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBXGTxZNzjgjWX9erEAQg28RAAkXyiq8u2m6G6BJN/7LqO31WHqXGmf+Em\nSeGsTnrnV9YpjFqPXby3WFz3AHGrTITrOy+JA2WyYTezgc3F4aZu28jHCgsuRJmU\nAvEg8XitYunmg9sxzr0SUmf8bleFUpawLNh+HiHC/fVUSrHA953yH6QjPDj3KT3+\n27SmMMmUvdqpZOxYrHN9iPfYiqONIKEkHq6vGkplqePPOkWja7v7r7UYm8I493zN\ncFLWzVI6N17qsLIqe2OduMtZ0tBcdOdKwjxi4BVbVwNmhV1qiXfBotP7RdRjvVgu\nSJw2LObFjPmfHBZX7c8Q+S4oWSLTO+YnqEzjRopXy8adaxxxFDvYCb5FJ5YGvFNK\neI4SDGilbT73PXISefvmxjPM3Vu2T7yvvgGwg9Yl64DPgsLLFBxm2kEpXE7h3ZkH\nJiTBjT3eOPhuK43X5+X9VnM/9C7Add1xb9HMz1iWvJQidKKJ44FDGFhWoHXZMa2Z\noca6jNXGpzqUtpMgsnC4ZM7WISyNtnVdBBE31xwEPl1ssi+Mrsq8lFWiFt1GUnQQ\n/DCPVS8L1aTsIb1q6SUTzqRkEMi2jADvP+tWohxMw/M2NNFKIEbfEgld2xO5X79F\n+edr0KVq8fgRgN9GP6rs+xNtS30uO6fLNLzXiT/7kgyvmadyuyzpye8mjDDlzJYX\n1Uwk7uAgds0=IIGV\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2019-0657"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-002326"
      },
      {
        "db": "BID",
        "id": "106890"
      },
      {
        "db": "PACKETSTORM",
        "id": "151684"
      }
    ],
    "trust": 1.98
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2019-0657",
        "trust": 2.8
      },
      {
        "db": "BID",
        "id": "106890",
        "trust": 1.9
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-002326",
        "trust": 0.8
      },
      {
        "db": "PACKETSTORM",
        "id": "151684",
        "trust": 0.7
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2019.0476",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201902-374",
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "106890"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-002326"
      },
      {
        "db": "PACKETSTORM",
        "id": "151684"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-0657"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201902-374"
      }
    ]
  },
  "id": "VAR-201903-1467",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 0.21178882
  },
  "last_update_date": "2023-12-18T12:28:25.363000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "CVE-2019-0657 | .NET Framework and Visual Studio Spoofing Vulnerability",
        "trust": 0.8,
        "url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-0657"
      },
      {
        "title": "CVE-2019-0657 | .NET Framework \u3068 Visual Studio \u306e\u306a\u308a\u3059\u307e\u3057\u306e\u8106\u5f31\u6027",
        "trust": 0.8,
        "url": "https://portal.msrc.microsoft.com/ja-jp/security-guidance/advisory/cve-2019-0657"
      },
      {
        "title": "Microsoft .NET Framework  and Visual Studio Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=89188"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-002326"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201902-374"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-20",
        "trust": 1.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-002326"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-0657"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.0,
        "url": "https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2019-0657"
      },
      {
        "trust": 1.6,
        "url": "http://www.securityfocus.com/bid/106890"
      },
      {
        "trust": 1.5,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-0657"
      },
      {
        "trust": 1.1,
        "url": "https://access.redhat.com/errata/rhsa-2019:0349"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0657"
      },
      {
        "trust": 0.8,
        "url": "https://www.ipa.go.jp/security/ciadr/vul/20190213-ms.html"
      },
      {
        "trust": 0.8,
        "url": "http://www.jpcert.or.jp/at/2019/at190006.html"
      },
      {
        "trust": 0.6,
        "url": "https://vigilance.fr/vulnerability/microsoft-visual-studio-vulnerabilities-of-february-2019-28512"
      },
      {
        "trust": 0.6,
        "url": "https://vigilance.fr/vulnerability/microsoft-net-vulnerabilities-of-february-2019-28485"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/75638"
      },
      {
        "trust": 0.6,
        "url": "https://packetstormsecurity.com/files/151684/red-hat-security-advisory-2019-0349-01.html"
      },
      {
        "trust": 0.3,
        "url": "https://github.com/powershell/announcements/issues/14"
      },
      {
        "trust": 0.3,
        "url": "http://www.microsoft.com"
      },
      {
        "trust": 0.1,
        "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2019-0657"
      },
      {
        "trust": 0.1,
        "url": "https://bugzilla.redhat.com/):"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/team/key/"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/articles/11258"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/team/contact/"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "106890"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-002326"
      },
      {
        "db": "PACKETSTORM",
        "id": "151684"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-0657"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201902-374"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "BID",
        "id": "106890"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-002326"
      },
      {
        "db": "PACKETSTORM",
        "id": "151684"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-0657"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201902-374"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-02-12T00:00:00",
        "db": "BID",
        "id": "106890"
      },
      {
        "date": "2019-04-05T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-002326"
      },
      {
        "date": "2019-02-14T14:59:07",
        "db": "PACKETSTORM",
        "id": "151684"
      },
      {
        "date": "2019-03-05T23:29:02.037000",
        "db": "NVD",
        "id": "CVE-2019-0657"
      },
      {
        "date": "2019-02-12T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201902-374"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-02-21T05:00:00",
        "db": "BID",
        "id": "106890"
      },
      {
        "date": "2019-04-05T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-002326"
      },
      {
        "date": "2019-03-07T16:55:52.720000",
        "db": "NVD",
        "id": "CVE-2019-0657"
      },
      {
        "date": "2019-04-01T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201902-374"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201902-374"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural  Microsoft Vulnerability related to input validation in products",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-002326"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "input validation",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201902-374"
      }
    ],
    "trust": 0.6
  }
}

gsd-2019-0657

Vulnerability from gsd

Modified

2023-12-13 01:23

Details

A vulnerability exists in certain .Net Framework API's and Visual Studio in the way they parse URL's, aka '.NET Framework and Visual Studio Spoofing Vulnerability'.

Aliases

CVE-2019-0657

Aliases

CVE-2019-0657

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2019-0657",
    "description": "A vulnerability exists in certain .Net Framework API\u0027s and Visual Studio in the way they parse URL\u0027s, aka \u0027.NET Framework and Visual Studio Spoofing Vulnerability\u0027.",
    "id": "GSD-2019-0657",
    "references": [
      "https://access.redhat.com/errata/RHSA-2019:0349"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2019-0657"
      ],
      "details": "A vulnerability exists in certain .Net Framework API\u0027s and Visual Studio in the way they parse URL\u0027s, aka \u0027.NET Framework and Visual Studio Spoofing Vulnerability\u0027.",
      "id": "GSD-2019-0657",
      "modified": "2023-12-13T01:23:39.975662Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secure@microsoft.com",
        "ID": "CVE-2019-0657",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Microsoft .NET Framework 4.5.2",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "Windows 7 for 32-bit Systems Service Pack 1"
                        },
                        {
                          "version_value": "Windows 7 for x64-based Systems Service Pack 1"
                        },
                        {
                          "version_value": "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)"
                        },
                        {
                          "version_value": "Windows Server 2008 R2 for x64-based Systems Service Pack 1"
                        },
                        {
                          "version_value": "Windows Server 2012"
                        },
                        {
                          "version_value": "Windows Server 2012 (Server Core installation)"
                        },
                        {
                          "version_value": "Windows 8.1 for 32-bit systems"
                        },
                        {
                          "version_value": "Windows 8.1 for x64-based systems"
                        },
                        {
                          "version_value": "Windows Server 2012 R2"
                        },
                        {
                          "version_value": "Windows RT 8.1"
                        },
                        {
                          "version_value": "Windows Server 2012 R2 (Server Core installation)"
                        },
                        {
                          "version_value": "Windows Server 2008 for 32-bit Systems Service Pack 2"
                        },
                        {
                          "version_value": "Windows Server 2008 for x64-based Systems Service Pack 2"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Microsoft .NET Framework 4.6",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "Windows Server 2008 for 32-bit Systems Service Pack 2"
                        },
                        {
                          "version_value": "Windows Server 2008 for x64-based Systems Service Pack 2"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": ".NET Core",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "1"
                        },
                        {
                          "version_value": "2.1"
                        },
                        {
                          "version_value": "2.2"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Microsoft Visual Studio",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "2017"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Microsoft .NET Framework 4.7.2",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "Windows 10 Version 1803 for 32-bit Systems"
                        },
                        {
                          "version_value": "Windows 10 Version 1803 for x64-based Systems"
                        },
                        {
                          "version_value": "Windows Server, version 1803  (Server Core Installation)"
                        },
                        {
                          "version_value": "Windows 10 Version 1803 for ARM64-based Systems"
                        },
                        {
                          "version_value": "Windows 10 Version 1809 for 32-bit Systems"
                        },
                        {
                          "version_value": "Windows 10 Version 1809 for x64-based Systems"
                        },
                        {
                          "version_value": "Windows Server 2019"
                        },
                        {
                          "version_value": "Windows Server 2019  (Server Core installation)"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Microsoft .NET Framework 4.6/4.6.1/4.6.2",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "Windows 10 for 32-bit Systems"
                        },
                        {
                          "version_value": "Windows 10 for x64-based Systems"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.2",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "Windows 7 for 32-bit Systems Service Pack 1"
                        },
                        {
                          "version_value": "Windows 7 for x64-based Systems Service Pack 1"
                        },
                        {
                          "version_value": "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)"
                        },
                        {
                          "version_value": "Windows Server 2008 R2 for x64-based Systems Service Pack 1"
                        },
                        {
                          "version_value": "Windows Server 2012"
                        },
                        {
                          "version_value": "Windows Server 2012 (Server Core installation)"
                        },
                        {
                          "version_value": "Windows 8.1 for 32-bit systems"
                        },
                        {
                          "version_value": "Windows 8.1 for x64-based systems"
                        },
                        {
                          "version_value": "Windows Server 2012 R2"
                        },
                        {
                          "version_value": "Windows RT 8.1"
                        },
                        {
                          "version_value": "Windows Server 2012 R2 (Server Core installation)"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "Windows Server 2016"
                        },
                        {
                          "version_value": "Windows 10 Version 1607 for 32-bit Systems"
                        },
                        {
                          "version_value": "Windows 10 Version 1607 for x64-based Systems"
                        },
                        {
                          "version_value": "Windows Server 2016  (Server Core installation)"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Microsoft .NET Framework 4.7/4.7.1/4.7.2",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "Windows 10 Version 1703 for 32-bit Systems"
                        },
                        {
                          "version_value": "Windows 10 Version 1703 for x64-based Systems"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Microsoft .NET Framework 4.7.1/4.7.2",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "Windows 10 Version 1709 for 32-bit Systems"
                        },
                        {
                          "version_value": "Windows 10 Version 1709 for x64-based Systems"
                        },
                        {
                          "version_value": "Windows Server, version 1709  (Server Core Installation)"
                        },
                        {
                          "version_value": "Windows 10 Version 1709 for ARM64-based Systems"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "PowerShell Core",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "6.1"
                        },
                        {
                          "version_value": "6.2"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Microsoft Visual Studio 2017",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "version 15.9"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Microsoft .NET Framework 3.5",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "Windows Server 2012"
                        },
                        {
                          "version_value": "Windows Server 2012 (Server Core installation)"
                        },
                        {
                          "version_value": "Windows 8.1 for 32-bit systems"
                        },
                        {
                          "version_value": "Windows 8.1 for x64-based systems"
                        },
                        {
                          "version_value": "Windows Server 2012 R2"
                        },
                        {
                          "version_value": "Windows Server 2012 R2 (Server Core installation)"
                        },
                        {
                          "version_value": "Windows 10 for 32-bit Systems"
                        },
                        {
                          "version_value": "Windows 10 for x64-based Systems"
                        },
                        {
                          "version_value": "Windows Server 2016"
                        },
                        {
                          "version_value": "Windows 10 Version 1607 for 32-bit Systems"
                        },
                        {
                          "version_value": "Windows 10 Version 1607 for x64-based Systems"
                        },
                        {
                          "version_value": "Windows 10 Version 1703 for 32-bit Systems"
                        },
                        {
                          "version_value": "Windows 10 Version 1703 for x64-based Systems"
                        },
                        {
                          "version_value": "Windows 10 Version 1709 for 32-bit Systems"
                        },
                        {
                          "version_value": "Windows 10 Version 1709 for x64-based Systems"
                        },
                        {
                          "version_value": "Windows Server, version 1709  (Server Core Installation)"
                        },
                        {
                          "version_value": "Windows 10 Version 1803 for 32-bit Systems"
                        },
                        {
                          "version_value": "Windows 10 Version 1803 for x64-based Systems"
                        },
                        {
                          "version_value": "Windows Server, version 1803  (Server Core Installation)"
                        },
                        {
                          "version_value": "Windows 10 Version 1803 for ARM64-based Systems"
                        },
                        {
                          "version_value": "Windows 10 Version 1809 for 32-bit Systems"
                        },
                        {
                          "version_value": "Windows 10 Version 1809 for x64-based Systems"
                        },
                        {
                          "version_value": "Windows Server 2019"
                        },
                        {
                          "version_value": "Windows Server 2019  (Server Core installation)"
                        },
                        {
                          "version_value": "Windows 10 Version 1709 for ARM64-based Systems"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Microsoft .NET Framework 3.0",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "Service Pack 2 on Windows Server 2008 for Itanium-Based Systems Service Pack 2"
                        },
                        {
                          "version_value": "Service Pack 2 on Windows Server 2008 for 32-bit Systems Service Pack 2"
                        },
                        {
                          "version_value": "Service Pack 2 on Windows Server 2008 for x64-based Systems Service Pack 2"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Microsoft .NET Framework 2.0",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "Service Pack 2 on Windows Server 2008 for Itanium-Based Systems Service Pack 2"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Microsoft .NET Framework 3.5.1",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "Windows 7 for 32-bit Systems Service Pack 1"
                        },
                        {
                          "version_value": "Windows 7 for x64-based Systems Service Pack 1"
                        },
                        {
                          "version_value": "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)"
                        },
                        {
                          "version_value": "Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1"
                        },
                        {
                          "version_value": "Windows Server 2008 R2 for x64-based Systems Service Pack 1"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Microsoft"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A vulnerability exists in certain .Net Framework API\u0027s and Visual Studio in the way they parse URL\u0027s, aka \u0027.NET Framework and Visual Studio Spoofing Vulnerability\u0027."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Spoofing"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "RHSA-2019:0349",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2019:0349"
          },
          {
            "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0657",
            "refsource": "CONFIRM",
            "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0657"
          },
          {
            "name": "106890",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/106890"
          }
        ]
      }
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "[2.1.0,2.1.8),[2.2.0,2.2.2)",
          "affected_versions": "All versions starting from 2.1.0 before 2.1.8, all versions starting from 2.2.0 before 2.2.2",
          "cvss_v2": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "cvss_v3": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
          "cwe_ids": [
            "CWE-1035",
            "CWE-20",
            "CWE-937"
          ],
          "date": "2022-07-08",
          "description": "A vulnerability exists in certain .Net Framework API\u0027s and Visual Studio in the way they parse URL\u0027s, aka \u0027.NET Framework and Visual Studio Spoofing Vulnerability\u0027.",
          "fixed_versions": [
            "2.1.8",
            "2.2.2"
          ],
          "identifier": "CVE-2019-0657",
          "identifiers": [
            "GHSA-x5qj-9vmx-7g6g",
            "CVE-2019-0657"
          ],
          "not_impacted": "All versions before 2.1.0, all versions starting from 2.1.8 before 2.2.0, all versions starting from 2.2.2",
          "package_slug": "nuget/Microsoft.NETCore.App",
          "pubdate": "2022-05-14",
          "solution": "Upgrade to versions 2.1.8, 2.2.2 or above.",
          "title": "Improper Input Validation",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2019-0657",
            "https://access.redhat.com/errata/RHSA-2019:0349",
            "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0657",
            "http://www.securityfocus.com/bid/106890",
            "https://github.com/dotnet/announcements/issues/97",
            "https://github.com/github/advisory-database/issues/302",
            "https://github.com/advisories/GHSA-x5qj-9vmx-7g6g"
          ],
          "uuid": "b39180bb-ca65-4a47-ba38-ba8bf45f81bc"
        },
        {
          "affected_range": "[4.3.0,4.3.2)",
          "affected_versions": "All versions starting from 4.3.0 before 4.3.2",
          "cvss_v2": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "cvss_v3": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
          "cwe_ids": [
            "CWE-1035",
            "CWE-20",
            "CWE-937"
          ],
          "date": "2022-07-08",
          "description": "A vulnerability exists in certain .Net Framework API\u0027s and Visual Studio in the way they parse URL\u0027s, aka \u0027.NET Framework and Visual Studio Spoofing Vulnerability\u0027.",
          "fixed_versions": [
            "4.3.2"
          ],
          "identifier": "CVE-2019-0657",
          "identifiers": [
            "GHSA-x5qj-9vmx-7g6g",
            "CVE-2019-0657"
          ],
          "not_impacted": "All versions before 4.3.0, all versions starting from 4.3.2",
          "package_slug": "nuget/System.Private.Uri",
          "pubdate": "2022-05-14",
          "solution": "Upgrade to version 4.3.2 or above.",
          "title": "Improper Input Validation",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2019-0657",
            "https://access.redhat.com/errata/RHSA-2019:0349",
            "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0657",
            "http://www.securityfocus.com/bid/106890",
            "https://github.com/dotnet/announcements/issues/97",
            "https://github.com/github/advisory-database/issues/302",
            "https://github.com/advisories/GHSA-x5qj-9vmx-7g6g"
          ],
          "uuid": "cd99975d-24f7-4276-a518-513caa81ad49"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:.net_core:1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:.net_core:2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:.net_core:2.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:visual_studio_2017:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:visual_studio_2017:15.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:powershell_core:6.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:powershell_core:6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:2.0:sp2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:3.0:sp2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:1709:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:3.5.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:itanium:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.5.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2008:-:sp1:*:*:*:*:x64:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.7.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.6.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.6.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.7.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2008:-:sp1:*:*:*:*:x64:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.7.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1709:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:1709:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_server_2016:1803:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.7.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows_10:1703:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2019-0657"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "A vulnerability exists in certain .Net Framework API\u0027s and Visual Studio in the way they parse URL\u0027s, aka \u0027.NET Framework and Visual Studio Spoofing Vulnerability\u0027."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0657",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0657"
            },
            {
              "name": "RHSA-2019:0349",
              "refsource": "REDHAT",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2019:0349"
            },
            {
              "name": "106890",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/106890"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "exploitabilityScore": 2.2,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2019-03-07T16:55Z",
      "publishedDate": "2019-03-05T23:29Z"
    }
  }
}

Action not permitted

CVE-2019-0657

Vulnerability from cvelistv5

rhsa-2019_0349

Vulnerability from csaf_redhat

ghsa-x5qj-9vmx-7g6g

Vulnerability from github

var-201903-1467

Vulnerability from variot

gsd-2019-0657

Vulnerability from gsd

Tags