CVEs (6)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Sonatype 1Nexus Repository Manager 3 Nov 21, 2024 Sep 7, 2021 N/A· v4 8.2 HIGH· v3 6.4 MEDIUM· v2 Sonatype Nexus Repository 3.x through 3.33.1-01 is vulnerable to an HTTP header injection. By sending a crafted HTTP request, a remote attacker may disclose sensitive information or request external resources from a vuln...Show more |
1Sonatype 1Nexus Repository Manager 3 Nov 21, 2024 Apr 23, 2021 N/A· v4 4.9 MEDIUM· v3 4.0 MEDIUM· v2 Sonatype Nexus Repository Manager 3 Pro up to and including 3.30.0 has Incorrect Access Control. |
1Sonatype 1Nexus Repository Manager 3 Nov 21, 2024 Jul 31, 2020 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Sonatype Nexus Repository Manager OSS/Pro version before 3.25.1 allows Remote Code Execution. |
1Sonatype 1Nexus Repository Manager 3 Nov 21, 2024 Jul 31, 2020 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 Sonatype Nexus Repository Manager OSS/Pro versions before 3.25.1 allow XSS (Issue 2 of 2). |
1Sonatype 1Nexus Repository Manager 3 Nov 21, 2024 Jul 31, 2020 N/A· v4 5.4 MEDIUM· v3 4.3 MEDIUM· v2 Sonatype Nexus Repository Manager OSS/Pro versions before 3.25.1 allow XSS (issue 1 of 2). |
1Sonatype 1Nexus Repository Manager 3 Nov 21, 2024 Apr 20, 2020 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 An issue was discovered in Sonatype Nexus Repository Manager in versions 3.21.1 and 3.22.0. It is possible for a user with appropriate privileges to create, modify, and execute scripting tasks without use of the UI or AP...Show more |