14 matches found
CVE-2019-5475
The Nexus Yum Repository Plugin in v2 is vulnerable to Remote Code Execution when instances using CommandLineExecutor.java are supplied vulnerable data, such as the Yum Configuration Capability...
CVE-2019-9872
In several versions of JetBrains IntelliJ IDEA Ultimate, creating run configurations for cloud application servers leads to saving a cleartext unencrypted record of the server credentials in the IDE configuration files. If the Settings Repository plugin was then used and configured to synchronize...
PT-2023-25163 · Jenkins · Jenkins Maven Repository Server Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Maven Repository Server Plugin versions 1.10 and earlier Description: The issue is related to a stored cross-site scripting XSS vulnerability. It occurs because the plugin does not escape project and build display names on the Build...
org.eclipse.tycho.nexus:unzip-repository-plugin (=0.12.0), org.sonatype.nexus.assemblies:nexus-base-template (>=3.10.0-04 <=3.21.1-01) +27 more potentially affected by CVE-2020-10203 via org.sonatype.nexus:nexus-core (>=2.4.0-1 <=3.21.1-01)
org.sonatype.nexus:nexus-core MAVEN version =2.4.0-1, =3.10.0-04, =3.0.0-03, =2.2.1, =2.2.1, =2.4.0-1, =2.4.0-1, =2.6.0-01, =2.6.0-01, =2.4.0-1, =2.6.0-01, =2.4.0-1, =2.6.0-01, =2.5.0-01, =2.4.0-1, =2.7.0-m1 and more Source cves: CVE-2020-10203 Source advisory:...
Remote Code Execution
nexus-yum-repository-plugin is vulnerable to remote code execution. An attacker with administrative access to nxrm is able to execute arbitrary OS commands on the system by setting the path of createrepo or mergerepo to an OS command in the XML input...
CVE-2019-5475
The Nexus Yum Repository Plugin in v2 is vulnerable to Remote Code Execution when instances using CommandLineExecutor.java are supplied vulnerable data, such as the Yum Configuration Capability...
CVE-2019-5475
The Nexus Yum Repository Plugin in v2 is vulnerable to Remote Code Execution when instances using CommandLineExecutor.java are supplied vulnerable data, such as the Yum Configuration Capability...
Remote code execution
The Nexus Yum Repository Plugin in v2 is vulnerable to Remote Code Execution when instances using CommandLineExecutor.java are supplied vulnerable data, such as the Yum Configuration Capability...
CVE-2019-9872
In several versions of JetBrains IntelliJ IDEA Ultimate, creating run configurations for cloud application servers leads to saving a cleartext unencrypted record of the server credentials in the IDE configuration files. If the Settings Repository plugin was then used and configured to synchronize...
Design/Logic Flaw
In several versions of JetBrains IntelliJ IDEA Ultimate, creating run configurations for cloud application servers leads to saving a cleartext unencrypted record of the server credentials in the IDE configuration files. If the Settings Repository plugin was then used and configured to synchronize...
CVE-2019-9872
In several versions of JetBrains IntelliJ IDEA Ultimate, creating run configurations for cloud application servers leads to saving a cleartext unencrypted record of the server credentials in the IDE configuration files. If the Settings Repository plugin was then used and configured to synchronize...
pulp: Improper path parsing leads to overwriting of iso repositories
A path traversal flaw was found in the ISO repository plugin for pulp. An attacker, with access to a repository feeding pulp can carefully craft his repository to overwrite arbitrary files owned by the Apache webserver...
Elasticsearch repository-azure information disclosure vulnerability
Elasticsearch is the Netherlands Elasticsearch company based on Lucene built a set of open source distributed RESTful search engine , it is mainly used in cloud computing , and supports the use of JSON via HTTP for data indexing . repository-azure is one of the repository plugin . An information...
AjaXplorer < 5.0.1 Multiple Command Execution Vulnerabilities
The version of AjaXplorer hosted on the remote web server is earlier than 5.0.1. It is, therefore, affected by multiple command execution vulnerabilities in the following plugins: - File System Standard Plugin access.fs - Power FS Plugin action.powerfs - Subversion Repository Plugin meta.svn The...