Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo

SDLC

Nexus Repository Manager

Manage binaries and build artifacts across your software supply chain.

Official Site:

https://www.sonatype.com/nexus/repository-pro

Severity Summary:

Critical: 2 High: 8 Medium: 16
Reference
Title
Severity
CVE-2017-17717
Nexus Repository Manager Use of a Broken or Risky Cryptographic Algorithm Vulnerability
Critical
CVE-2019-9629
Nexus Repository Manager Improper Authentication Vulnerability
Critical
CVE-2019-15588
Nexus Repository Manager Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) Vulnerability
High
CVE-2019-16530
Nexus Repository Manager Unrestricted Upload of File with Dangerous Type Vulnerability
High
CVE-2019-15893
Nexus Repository Manager Vulnerability
High
CVE-2019-5475
Nexus Repository Manager Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) Vulnerability
High
CVE-2019-9630
Nexus Repository Manager Incorrect Default Permissions Vulnerability
High
CVE-2018-16621
Nexus Repository Manager Improper Neutralization of Special Elements used in an Expression Language Statement (Expression Language Injection) Vulnerability
High
CVE-2018-16620
Nexus Repository Manager Incorrect Authorization Vulnerability
High
CVE-2020-15012
Nexus Repository Manager Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
High
CVE-2021-43961
Nexus Repository Manager Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection) Vulnerability
Medium
CVE-2021-30635
Nexus Repository Manager Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
Medium
CVE-2021-43293
Nexus Repository Manager Server-Side Request Forgery (SSRF) Vulnerability
Medium
CVE-2021-42568
Nexus Repository Manager Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2021-37152
Nexus Repository Manager Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2021-34553
Nexus Repository Manager Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
Medium
CVE-2021-29159
Nexus Repository Manager Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2018-12100
Nexus Repository Manager Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2020-29436
Nexus Repository Manager Improper Restriction of XML External Entity Reference Vulnerability
Medium
CVE-2018-5306
Nexus Repository Manager Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2018-5307
Nexus Repository Manager Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2020-11415
Nexus Repository Manager Cleartext Storage of Sensitive Information Vulnerability
Medium
CVE-2018-16619
Nexus Repository Manager Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2019-11629
Nexus Repository Manager Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2019-14469
Nexus Repository Manager Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2022-27907
Nexus Repository Manager Server-Side Request Forgery (SSRF) Vulnerability
Medium