12 matches found
CVE-2020-10199
Sonatype Nexus Repository before 3.21.2 allows JavaEL Injection issue 1 of 2...
GHSA-8H56-V53H-5HHJ Remote Code Execution - JavaEL Injection (low privileged accounts) in Nexus Repository Manager
Sonatype Nexus Repository before 3.21.2 allows Remote Code Execution...
Remote Code Execution - JavaEL Injection (low privileged accounts) in Nexus Repository Manager
Sonatype Nexus Repository before 3.21.2 allows Remote Code Execution...
GHSA-G2F6-V5QH-H2MQ Nexus Repository Manager 3 - Remote Code Execution
Sonatype Nexus Repository before 3.21.2 allows JavaEL Injection issue 1 of 2...
Nexus Repository Manager 3 - Remote Code Execution
Sonatype Nexus Repository before 3.21.2 allows JavaEL Injection issue 1 of 2...
CVE-2020-10199
Sonatype Nexus Repository before 3.21.2 allows JavaEL Injection issue 1 of 2...
Crlf injection
Sonatype Nexus Repository before 3.21.2 allows JavaEL Injection issue 1 of 2...
CVE-2020-10199
Sonatype Nexus Repository before 3.21.2 allows JavaEL Injection issue 1 of 2...
CVE-2020-10199
Sonatype Nexus Repository before 3.21.2 allows JavaEL Injection issue 1 of 2...
CVE-2020-10199
CVE-2020-10199 is a remote code execution vulnerability in Sonatype Nexus Repository Manager (NXRM) caused by a Java EL injection vulnerability. Affected versions are NXRM prior to 3.21.2 (with references noting exploitable in 3.21.1 and earlier). The underlying issue is a Java EL injection in Ne...
PT-2020-6522 · Sonatype · Sonatype Nexus Repository +1
Name of the Vulnerable Software and Affected Versions: Sonatype Nexus Repository versions prior to 3.21.2 Description: The issue is related to incorrect code generation management in the Sonatype Nexus Repository Manager, which can be exploited by a remote attacker to execute arbitrary code by...
CVE-2020-10199
Sonatype Nexus Repository before 3.21.2 allows JavaEL Injection issue 1 of 2. Recent assessments: wvu-r7 at April 04, 2020 5:05am UTC reported: WIP exploit module: https://github.com/rapid7/metasploit-framework/pull/13195. Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker...