408 matches found
CVE-2020-29436
Sonatype Nexus Repository Manager 3.x before 3.29.0 allows a user with admin privileges to configure the system to gain access to content outside of NXRM via an XXE vulnerability. Fixed in version 3.29.0...
CVE-2020-29436
Sonatype Nexus Repository Manager 3.x before 3.29.0 allows a user with admin privileges to configure the system to gain access to content outside of NXRM via an XXE vulnerability. Fixed in version 3.29.0...
Design/Logic Flaw
Sonatype Nexus Repository Manager 3.x before 3.29.0 allows a user with admin privileges to configure the system to gain access to content outside of NXRM via an XXE vulnerability. Fixed in version 3.29.0...
Sonatype Nexus Repository Manager External Entity Injection Vulnerability
Sonatype Nexus Repository Manager NXRM is a Maven repository manager from Sonatype USA. An external entity injection vulnerability exists in the Sonatype Nexus Repository Manager product, which allows an attacker with Nexus Repository Manager administrator privileges to configure the system in su...
Sonatype Nexus Repository Manager 代码问题漏洞
Sonatype Nexus Repository Manager NXRM is a Maven repository manager from Sonatype USA. An external entity injection vulnerability exists in the Sonatype Nexus Repository Manager product, which allows an attacker with Nexus Repository Manager administrator privileges to configure the system in su...
CVE-2020-15012
A Directory Traversal issue was discovered in Sonatype Nexus Repository Manager 2.x before 2.14.19. A user that requests a crafted path can traverse up the file system to get access to content on disk that the user running nxrm also has access to...
CVE-2020-15012
A Directory Traversal issue was discovered in Sonatype Nexus Repository Manager 2.x before 2.14.19. A user that requests a crafted path can traverse up the file system to get access to content on disk that the user running nxrm also has access to...
CVE-2020-15012
Sonatype Nexus Repository Manager 2.x (pre-2.14.19) is affected by a Directory Traversal vulnerability. A crafted path can cause FS traversal to read content on disk to which the Nexus process user has access. Root cause is path traversal in requests; impact is exposure of local content. No expli...
Sonatype Nexus Repository Manager Unauthorized Access Vulnerability
Sonatype Nexus Repository Manager NXRM is a repository manager from Sonatype, Inc. that is used to manage, store, and distribute software, among other things. A security vulnerability exists in Sonatype NXRM OSS/Pro versions prior to 3.26.0. An attacker could exploit the vulnerability to access...
CVE-2020-15868
Sonatype Nexus Repository Manager OSS/Pro before 3.26.0 has Incorrect Access Control...
CVE-2020-15868
Sonatype Nexus Repository Manager OSS/Pro before 3.26.0 has Incorrect Access Control...
Improper access control
Sonatype Nexus Repository Manager OSS/Pro before 3.26.0 has Incorrect Access Control...
CVE-2020-15868
Affected product: Sonatype Nexus Repository Manager OSS/Pro prior to 3.26.0. Vulnerability: Incorrect Access Control (root cause). Impact: authenticated? no; the CNVD entry states an attacker could access unauthorized content with a specially crafted request. CVSS details: CVSS v3.1 base 7.5 (HIG...
CVE-2020-15868
Sonatype Nexus Repository Manager OSS/Pro before 3.26.0 has Incorrect Access Control...
Sonatype Nexus Repository Manager Remote Code Execution Vulnerability (CNVD-2021-32036)
Nexus Repository Manager is a repository manager from Sonatype that lets you proxy, collect, and manage your dependencies so you don't have to deal with a series of JARs as often, allowing you to distribute your software with ease.OSS is the open-source, free version, and Pro is the professional,...
CVE-2020-15870
Sonatype Nexus Repository Manager OSS/Pro versions before 3.25.1 allow XSS Issue 2 of 2...
CVE-2020-15871
Sonatype Nexus Repository Manager OSS/Pro version before 3.25.1 allows Remote Code Execution...
CVE-2020-15870
Sonatype Nexus Repository Manager OSS/Pro versions before 3.25.1 allow XSS Issue 2 of 2...
CVE-2020-15869
Sonatype Nexus Repository Manager OSS/Pro versions before 3.25.1 allow XSS issue 1 of 2...
CVE-2020-15871
Sonatype Nexus Repository Manager OSS/Pro version before 3.25.1 allows Remote Code Execution...