Proget
1 CVEs
product
Monthly
Inedo ProGet before 4.7.14 does not properly address dangerous package IDs during package addition, aka PG-1060. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Information Disclosure
Proget
NVD
CVSS 3.0
7.5
EPSS
0.2%
EPSS 0%
CVSS 7.5
HIGH
This Week
Inedo ProGet before 4.7.14 does not properly address dangerous package IDs during package addition, aka PG-1060. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Information Disclosure
Proget
NVD