Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

Veracode
Veracodeadded 2019/11/04 2:17 a.m.14 views

Remote Code Execution

nexus-yum-repository-plugin is vulnerable to remote code execution. The vulnerability exists due to a bypass of the fix for CVE-2019-5475, whereby the getCleanCommand function in CommandLineExecutor.java allows arbitrary user-supplied data to be executed as code...

7.2CVSS4.2AI score0.796EPSS
Exploits5References3Affected Software1
OSV
OSVadded 2019/09/03 8:15 p.m.15 views

CVE-2019-5475

The Nexus Yum Repository Plugin in v2 is vulnerable to Remote Code Execution when instances using CommandLineExecutor.java are supplied vulnerable data, such as the Yum Configuration Capability...

8.8CVSS7.2AI score
Exploits0References1
Hacker One
Hacker Oneadded 2019/07/23 1:53 p.m.70 views

Central Security Project: OS Command Injection in Nexus Repository Manager 2.x

Maven artifact groupId: org.sonatype.nexus.plugins artifactId: nexus-yum-repository-plugin version: 2.14.9-01 Vulnerability Vulnerability Description The Nexus Yum Repository Plugin is vulnerable to Remote Code Execution. All instances using CommandLineExecutor.java with user-supplied data is...

9CVSS0.2AI score0.796EPSS
Exploits5
Rows per page
Query Builder