The Nexus Yum Repository Plugin in v2 is vulnerable to Remote Code Execution when instances using CommandLineExecutor.java are supplied vulnerable data, such as the Yum Configuration Capability.
[
{
"product": "Nexus Repository Manager",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2.14.9-01"
}
]
}
]