Sonatype Nexus Repository 3.x up to and including 3.33.1-01 is vulnerable to an HTTP header injection. By sending a crafted HTTP request, a remote attacker may disclose sensitive information or request external resources from a vulnerable instance.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sonatype nexus repository manager 3 |