0.003 Low
EPSS
Percentile
67.9%
Sonatype Nexus Repository 3.x through 3.33.1-01 is vulnerable to an HTTP header injection. By sending a crafted HTTP request, a remote attacker may disclose sensitive information or request external resources from a vulnerable instance.
github.com/sonatype/nexus-public
help.sonatype.com/repomanager3/release-notes/2021-release-notes
issues.sonatype.org/secure/ReleaseNote.jspa
nvd.nist.gov/vuln/detail/CVE-2021-40143
support.sonatype.com/hc/en-us/articles/4405941762579