Sonatype Nexus Repository Manager 3.x prior to 3.31.0 allows a remote authenticated malicious user to get a list of blob files and read the content of a blob file (via a GET request) without having been granted access.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sonatype nexus repository manager |