Lucene search
Veracode Vulnerability DatabaseVERACODE:21805HistoryNov 04, 2019 - 2:17 a.m.
Remote Code Execution
2019-11-0402:17:36
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
5
0.008 Low
EPSS
Percentile
81.1%
nexus-yum-repository-plugin is vulnerable to remote code execution. The vulnerability exists due to a bypass of the fix for CVE-2019-5475, whereby the getCleanCommand function in CommandLineExecutor.java allows arbitrary user-supplied data to be executed as code.
| CPE | Name | Operator | Version |
|---|---|---|---|
| nexus-yum-repository-plugin | le | 01 |
Related
cve
cve
CVE-2019-15588
2019-11-01 15:15:11
CVE-2019-5475
2019-09-03 20:15:11
osv
osv
CVE-2019-15588
2019-11-01 15:15:11
OS Command Injection in Nexus Yum Repository Plugin
2019-09-11 23:04:57
CVE-2019-5475
2019-09-03 20:15:11
githubexploit
githubexploit
Exploit for OS Command Injection in Sonatype Nexus Repository Manager
2020-12-19 05:11:03
Exploit for OS Command Injection in Sonatype Nexus Repository Manager
2020-12-16 14:03:16
Exploit for OS Command Injection in Sonatype Nexus Repository Manager
2019-09-25 16:22:56
nvd
nvd
CVE-2019-15588
2019-11-01 15:15:11
CVE-2019-5475
2019-09-03 20:15:11
prion
prion
Command injection
2019-11-01 15:15:00
Remote code execution
2019-09-03 20:15:00
symantec
symantec
hackerone
hackerone
cvelist
cvelist
CVE-2019-15588
2019-11-01 14:46:12
CVE-2019-5475
2019-09-03 19:13:43
github
github
OS Command Injection in Nexus Yum Repository Plugin
2019-09-11 23:04:57
veracode
veracode
Remote Code Execution
2019-09-04 03:34:54
freebsd
freebsd
nexus2-oss -- Multiple vulerabilities
2019-09-19 00:00:00
nessus
nessus