NuGet Gallery
by Microsoft
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-47604 | 0.00 | — | 0.01 | Oct 1, 2024 | NuGet Gallery is a package repository that powers nuget.org. The NuGetGallery has a security vulnerability in its handling of HTML element attributes, which allows an attacker to execute arbitrary HTML or Javascript code in a victim's browser. | |||
| CVE-2020-1340 | 0.00 | — | 0.02 | Jun 9, 2020 | A spoofing vulnerability exists when the NuGetGallery does not properly sanitize input on package metadata values, aka 'NuGetGallery Spoofing Vulnerability'. |
- CVE-2024-47604Oct 1, 2024risk 0.00cvss —epss 0.01
NuGet Gallery is a package repository that powers nuget.org. The NuGetGallery has a security vulnerability in its handling of HTML element attributes, which allows an attacker to execute arbitrary HTML or Javascript code in a victim's browser.
- CVE-2020-1340Jun 9, 2020risk 0.00cvss —epss 0.02
A spoofing vulnerability exists when the NuGetGallery does not properly sanitize input on package metadata values, aka 'NuGetGallery Spoofing Vulnerability'.