3 matches found
CVE-2020-29436
Sonatype Nexus Repository Manager 3.x before 3.29.0 allows a user with admin privileges to configure the system to gain access to content outside of NXRM via an XXE vulnerability. Fixed in version 3.29.0...
CVE-2020-29436
Sonatype Nexus Repository Manager 3.x before 3.29.0 allows a user with admin privileges to configure the system to gain access to content outside of NXRM via an XXE vulnerability. Fixed in version 3.29.0...
CVE-2020-29436
Sonatype Nexus Repository Manager 3.x prior to 3.29.0 is affected by an XML External Entity (XXE) vulnerability that an administrator can exploit to access content outside of NXRM. Root cause: XXE in Nexus configuration/XML processing. Impact stated as access to external content; remediation: upg...