Количество 3
Количество 3
CVE-2019-15588
There is an OS Command Injection in Nexus Repository Manager <= 2.14.14 (bypass CVE-2019-5475) that could allow an attacker a Remote Code Execution (RCE). All instances using CommandLineExecutor.java with user-supplied data is vulnerable, such as the Yum Configuration Capability.
GHSA-h8gj-qmf3-67wf
There is an OS Command Injection in Nexus Repository Manager <= 2.14.14 (bypass CVE-2019-5475) that could allow an attacker a Remote Code Execution (RCE). All instances using CommandLineExecutor.java with user-supplied data is vulnerable, such as the Yum Configuration Capability.
BDU:2023-00715
Уязвимость менеджера репозиториев Sonatype Nexus Repository Manager, связанная с отсутствием мер по очистке входных данных, позволяющая нарушителю выполнить произвольный код
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2019-15588 There is an OS Command Injection in Nexus Repository Manager <= 2.14.14 (bypass CVE-2019-5475) that could allow an attacker a Remote Code Execution (RCE). All instances using CommandLineExecutor.java with user-supplied data is vulnerable, such as the Yum Configuration Capability. | CVSS3: 7.2 | 7% Низкий | больше 6 лет назад |
| GHSA-h8gj-qmf3-67wf There is an OS Command Injection in Nexus Repository Manager <= 2.14.14 (bypass CVE-2019-5475) that could allow an attacker a Remote Code Execution (RCE). All instances using CommandLineExecutor.java with user-supplied data is vulnerable, such as the Yum Configuration Capability. | CVSS3: 7.2 | 7% Низкий | больше 3 лет назад |
 | BDU:2023-00715 Уязвимость менеджера репозиториев Sonatype Nexus Repository Manager, связанная с отсутствием мер по очистке входных данных, позволяющая нарушителю выполнить произвольный код | CVSS3: 7.2 | 7% Низкий | больше 6 лет назад |
Уязвимостей на страницу