Sonatype Nexus Repository 3.x through 3.33.1-01 is vulnerable to an HTTP header injection. By sending a crafted HTTP request, a remote attacker may disclose sensitive information or request external resources from a vulnerable instance.
CPE | Name | Operator | Version |
---|---|---|---|
nexus_repository_manager_3 | ge | 3.0.0 | |
nexus_repository_manager_3 | lt | 3.34.0 |