Org.sonatype.nexus:nexus-repository
This hub aggregates every CVE we track for Org.sonatype.nexus:nexus-repository, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
2
CVEs tracked
0
Critical
2
High
0
In CISA KEV
Severity distribution
HIGH2
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-082026-07
Latest CVEs
The 2 most recently published vulnerabilities affecting Org.sonatype.nexus:nexus-repository.
- CVE-2021-40143Sonatype Nexus Repository 3.x through 3.33.1-01 is vulnerable to an HTTP header injection. By sending a crafted HTTP request, a remote attacker may disclose sensitive information or request externa...8.2
- CVE-2019-16530Sonatype Nexus Repository Manager 2.x before 2.14.15 and 3.x before 3.19, and IQ Server before 72, has remote code execution.7.2
Product normalization is registry-driven with AI assist and human review. How it works