Filtered by vendor Sonatype
Subscriptions
Total
43 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2021-29159 | 1 Sonatype | 1 Nexus Repository Manager | 2024-08-03 | 6.1 Medium |
A cross-site scripting (XSS) vulnerability has been discovered in Nexus Repository Manager 3.x before 3.30.1. An attacker with a local account can create entities with crafted properties that, when viewed by an administrator, can execute arbitrary JavaScript in the context of the NXRM application. | ||||
CVE-2022-27907 | 1 Sonatype | 1 Nexus Repository Manager | 2024-08-03 | 4.3 Medium |
Sonatype Nexus Repository Manager 3.x before 3.38.0 allows SSRF. | ||||
CVE-2024-4956 | 1 Sonatype | 1 Nexus Repository Manager | 2024-08-01 | 7.5 High |
Path Traversal in Sonatype Nexus Repository 3 allows an unauthenticated attacker to read system files. Fixed in version 3.68.1. |