VYPR

NuGet Gallery

by Microsoft

CVEs (2)

  • CVE-2024-47604Oct 1, 2024
    risk 0.00cvss epss 0.01

    NuGet Gallery is a package repository that powers nuget.org. The NuGetGallery has a security vulnerability in its handling of HTML element attributes, which allows an attacker to execute arbitrary HTML or Javascript code in a victim's browser.

  • CVE-2020-1340Jun 9, 2020
    risk 0.00cvss epss 0.02

    A spoofing vulnerability exists when the NuGetGallery does not properly sanitize input on package metadata values, aka 'NuGetGallery Spoofing Vulnerability'.