Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-1340 | 1 Microsoft | 1 Nugetgallery | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
A spoofing vulnerability exists when the NuGetGallery does not properly sanitize input on package metadata values, aka 'NuGetGallery Spoofing Vulnerability'. | |||||
CVE-2024-47604 | 1 Microsoft | 1 Nugetgallery | 2024-11-13 | N/A | 6.1 MEDIUM |
NuGet Gallery is a package repository that powers nuget.org. The NuGetGallery has a security vulnerability in its handling of HTML element attributes, which allows an attacker to execute arbitrary HTML or Javascript code in a victim's browser. |