Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sonatype nexus repository manager vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2021-43961
Sonatype Nexus Repository Manager 3.36.0 allows HTML Injection.
Sonatype Nexus Repository Manager
356
VMScore
CVE-2021-43293
Sonatype Nexus Repository Manager 3.x prior to 3.36.0 allows a remote authenticated malicious user to potentially perform network enumeration via Server Side Request Forgery (SSRF).
Sonatype Nexus Repository Manager
890
VMScore
CVE-2017-17717
Sonatype Nexus Repository Manager up to and including 2.14.5 has weak password encryption with a hardcoded CMMDwoV value in the LDAP integration feature.
Sonatype Nexus Repository Manager
802
VMScore
CVE-2019-5475
The Nexus Yum Repository Plugin in v2 is vulnerable to Remote Code Execution when instances using CommandLineExecutor.java are supplied vulnerable data, such as the Yum Configuration Capability.
Sonatype Nexus Repository Manager
4 Github repositories
383
VMScore
CVE-2019-11629
Sonatype Nexus Repository Manager 2.x prior to 2.14.13 allows XSS.
Sonatype Nexus Repository Manager
578
VMScore
CVE-2019-15893
Sonatype Nexus Repository Manager 2.x prior to 2.14.15 allows Remote Code Execution.
Sonatype Nexus Repository Manager
383
VMScore
CVE-2020-15869
Sonatype Nexus Repository Manager OSS/Pro versions prior to 3.25.1 allow XSS (issue 1 of 2).
Sonatype Nexus Repository Manager 3
383
VMScore
CVE-2020-15870
Sonatype Nexus Repository Manager OSS/Pro versions prior to 3.25.1 allow XSS (Issue 2 of 2).
Sonatype Nexus Repository Manager 3
605
VMScore
CVE-2020-15871
Sonatype Nexus Repository Manager OSS/Pro version prior to 3.25.1 allows Remote Code Execution.
Sonatype Nexus Repository Manager 3
570
VMScore
CVE-2021-40143
Sonatype Nexus Repository 3.x up to and including 3.33.1-01 is vulnerable to an HTTP header injection. By sending a crafted HTTP request, a remote attacker may disclose sensitive information or request external resources from a vulnerable instance.
Sonatype Nexus Repository Manager 3
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-25525
CVE-2024-4652
CVE-2024-1438
CVE-2024-4671
CVE-2024-34351
arbitrary
CVE-2024-4650
SQL injection
overflow
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »