📄 Nexus Repository Manager 3.53.0-01 File Disclosure / Traversal

A critical path traversal vulnerability exists in Sonatype Nexus Repository Manager 3 that allows unauthenticated attackers to read arbitrary files from the server filesystem through crafted URL paths. This is a proof of concept for an issue discovered in 2024...

Cross-site Scripting (XSS)

Overview org.sonatype.nexus:nexus-extdirect is a Repository Manager. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the request process. An attacker can execute arbitrary JavaScript in the context of a victim's browser by enticing the user to interact with a...

Nexus Repository Anonymous Access

Nexus Repository Manager is a popular repository management tool used to store and manage software artifacts. If anonymous access is enabled, unauthenticated users can list and browse repositories, potentially exposing private artifacts such as source code, packages, and Docker images. No source...

EUVD-2021-21203

Malware in sbrugna...

EUVD-2019-5655

Malware in sbrugna...

EUVD-2018-17085

Malware in sbrugna...

EUVD-2018-4079

Malware in sbrugna...

EUVD-2019-6804

Malware in sbrugna...

EUVD-2019-19000

Malware in sbrugna...

EUVD-2020-21809

Malware in sbrugna...

EUVD-2020-3769

Malware in sbrugna...

EUVD-2018-8428

Malware in sbrugna...

EUVD-2021-15797

Malware in sbrugna...

EUVD-2020-4095

Malware in sbrugna...

EUVD-2019-6555

Malware in sbrugna...

EUVD-2021-15798

Malware in sbrugna...

EUVD-2020-7849

Malware in sbrugna...

EUVD-2021-30237

Malicious code in bioql PyPI...

EUVD-2021-30823

Malicious code in bioql PyPI...

CVE-2022-27907

Sonatype Nexus Repository Manager 3.x before 3.38.0 allows SSRF...