Skip to main content

Nexus Repository Manager 3

6 CVEs product

Monthly

CVE-2021-40143 Maven HIGH PATCH This Week

Sonatype Nexus Repository 3.x through 3.33.1-01 is vulnerable to an HTTP header injection. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Nexus Repository Manager 3
NVD
CVSS 3.1
8.2
EPSS
2.3%
CVE-2021-29158 MEDIUM PATCH This Month

Sonatype Nexus Repository Manager 3 Pro up to and including 3.30.0 has Incorrect Access Control. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Authentication Bypass Nexus Repository Manager 3
NVD
CVSS 3.1
4.9
EPSS
0.8%
CVE-2020-15871 HIGH PATCH This Week

Sonatype Nexus Repository Manager OSS/Pro version before 3.25.1 allows Remote Code Execution. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Nexus Repository Manager 3
NVD
CVSS 3.1
8.8
EPSS
2.2%
CVE-2020-15870 MEDIUM PATCH This Month

Sonatype Nexus Repository Manager OSS/Pro versions before 3.25.1 allow XSS (Issue 2 of 2). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Nexus Repository Manager 3
NVD
CVSS 3.1
6.1
EPSS
0.7%
CVE-2020-15869 MEDIUM PATCH This Month

Sonatype Nexus Repository Manager OSS/Pro versions before 3.25.1 allow XSS (issue 1 of 2). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Nexus Repository Manager 3
NVD
CVSS 3.1
5.4
EPSS
0.7%
CVE-2020-11753 HIGH PATCH This Week

An issue was discovered in Sonatype Nexus Repository Manager in versions 3.21.1 and 3.22.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Authentication Bypass Nexus Repository Manager 3
NVD
CVSS 3.1
8.8
EPSS
1.7%
EPSS 2% CVSS 8.2
HIGH PATCH This Week

Sonatype Nexus Repository 3.x through 3.33.1-01 is vulnerable to an HTTP header injection. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Nexus Repository Manager 3
NVD
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

Sonatype Nexus Repository Manager 3 Pro up to and including 3.30.0 has Incorrect Access Control. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Authentication Bypass Nexus Repository Manager 3
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Week

Sonatype Nexus Repository Manager OSS/Pro version before 3.25.1 allows Remote Code Execution. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Nexus Repository Manager 3
NVD
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

Sonatype Nexus Repository Manager OSS/Pro versions before 3.25.1 allow XSS (Issue 2 of 2). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Nexus Repository Manager 3
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

Sonatype Nexus Repository Manager OSS/Pro versions before 3.25.1 allow XSS (issue 1 of 2). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Nexus Repository Manager 3
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Week

An issue was discovered in Sonatype Nexus Repository Manager in versions 3.21.1 and 3.22.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Authentication Bypass Nexus Repository Manager 3
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy