CVE-2024-54138
- EPSS 0.42%
- Published 06.12.2024 22:15:21
- Last modified 05.09.2025 15:48:02
NuGet Gallery is a package repository that powers nuget.org. The NuGetGallery has a security vulnerability related to its handling of autolinks in Markdown content. While the platform properly filters out JavaScript from standard links, it does not a...
CVE-2024-47604
- EPSS 0.39%
- Published 01.10.2024 16:15:10
- Last modified 13.11.2024 23:17:14
NuGet Gallery is a package repository that powers nuget.org. The NuGetGallery has a security vulnerability in its handling of HTML element attributes, which allows an attacker to execute arbitrary HTML or Javascript code in a victim's browser.
CVE-2024-37304
- EPSS 0.37%
- Published 12.06.2024 15:15:52
- Last modified 04.09.2025 19:12:20
NuGet Gallery is a package repository that powers nuget.org. The NuGetGallery has a security vulnerability related to its handling of autolinks in Markdown content. While the platform properly filters out JavaScript from standard links, it does not a...
CVE-2020-1340
- EPSS 0.4%
- Published 09.06.2020 20:15:21
- Last modified 21.11.2024 05:10:17
A spoofing vulnerability exists when the NuGetGallery does not properly sanitize input on package metadata values, aka 'NuGetGallery Spoofing Vulnerability'.