Vulnerabilities (CVE)

Filtered by vendor Microsoft Subscribe
Filtered by product Nugetgallery
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-1340 1 Microsoft 1 Nugetgallery 2024-11-21 3.5 LOW 5.4 MEDIUM
A spoofing vulnerability exists when the NuGetGallery does not properly sanitize input on package metadata values, aka 'NuGetGallery Spoofing Vulnerability'.
CVE-2024-47604 1 Microsoft 1 Nugetgallery 2024-11-13 N/A 6.1 MEDIUM
NuGet Gallery is a package repository that powers nuget.org. The NuGetGallery has a security vulnerability in its handling of HTML element attributes, which allows an attacker to execute arbitrary HTML or Javascript code in a victim's browser.