Sonatype

sonatype

43 CVEs • 4 products

Products (4)

Click to collapse

Toggle

Nexus Repository Manager

nexus_repository_manager

Nexus Repository Manager 3

nexus_repository_manager_3

Nexus Iq Server

nexus_iq_server

CVEs (43)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2014-9389 1Sonatype 1Nexus May 6, 2026 Jan 5, 2015 N/A· v4 N/A· v3 7.5 HIGH· v2 Directory traversal vulnerability in Sonatype Nexus OSS and Pro before 2.11.1-01 allows remote attackers to read or write to arbitrary files via unspecified vectors.
CVE-2014-2034 1Sonatype 1Nexus May 6, 2026 Apr 1, 2014 N/A· v4 N/A· v3 7.5 HIGH· v2 Unspecified vulnerability in Sonatype Nexus OSS and Pro 2.4.0 through 2.7.1 allows attackers to create arbitrary user accounts via unknown vectors related to "an unauthenticated execution path."
CVE-2014-0792 1Sonatype 1Nexus Apr 29, 2026 Jan 17, 2014 N/A· v4 N/A· v3 7.5 HIGH· v2 Sonatype Nexus 1.x and 2.x before 2.7.1 allows remote attackers to create arbitrary objects and execute arbitrary code via unspecified vectors related to unmarshalling of unintended Object types.