Vulnerabilities (CVE)

Filtered by vendor Inedo Subscribe
Filtered by product Proget
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-15608 1 Inedo 1 Proget 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
Inedo ProGet before 5.0 Beta5 has CSRF, allowing an attacker to change advanced settings.
CVE-2017-14944 1 Inedo 1 Proget 2024-11-21 5.0 MEDIUM 7.5 HIGH
Inedo ProGet before 4.7.14 does not properly address dangerous package IDs during package addition, aka PG-1060.