4 matches found
CVE-2019-15588
There is an OS Command Injection in Nexus Repository Manager = 2.14.14 bypass CVE-2019-5475 that could allow an attacker a Remote Code Execution RCE. All instances using CommandLineExecutor.java with user-supplied data is vulnerable, such as the Yum Configuration Capability...
Exploit for OS Command Injection in Sonatype Nexus_Repository_Manager
CVE-2019-5475 CVE-2019-5475 and CVE-2019-15588: RCE command...
CVE-2019-15588
There is an OS Command Injection in Nexus Repository Manager = 2.14.14 bypass CVE-2019-5475 that could allow an attacker a Remote Code Execution RCE. All instances using CommandLineExecutor.java with user-supplied data is vulnerable, such as the Yum Configuration Capability...
CVE-2019-15588
Summary (CVE-2019-15588) : Nexus Repository Manager versions up to 2.14.14 are affected by an OS command injection that can lead to remote code execution. The root cause involves untrusted data flowing into CommandLineExecutor.java, notably via the Yum Configuration Capability (createrepo/mergere...