Nexus repository manager 3
This hub aggregates every CVE we track for Nexus repository manager 3, a product in the devtools ci space. Use it to gauge the current risk picture and drill into individual advisories.
6
CVEs tracked
0
Critical
3
High
0
In CISA KEV
Severity distribution
HIGH3MEDIUM3
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-082026-07
Latest CVEs
The 6 most recently published vulnerabilities affecting Nexus repository manager 3.
- CVE-2021-40143Sonatype Nexus Repository 3.x through 3.33.1-01 is vulnerable to an HTTP header injection. By sending a crafted HTTP request, a remote attacker may disclose sensitive information or request externa...8.2
- CVE-2021-29158Sonatype Nexus Repository Manager 3 Pro up to and including 3.30.0 has Incorrect Access Control.4.9
- CVE-2020-15871Sonatype Nexus Repository Manager OSS/Pro version before 3.25.1 allows Remote Code Execution.8.8
- CVE-2020-15869Sonatype Nexus Repository Manager OSS/Pro versions before 3.25.1 allow XSS (issue 1 of 2).5.4
- CVE-2020-15870Sonatype Nexus Repository Manager OSS/Pro versions before 3.25.1 allow XSS (Issue 2 of 2).6.1
- CVE-2020-11753An issue was discovered in Sonatype Nexus Repository Manager in versions 3.21.1 and 3.22.0. It is possible for a user with appropriate privileges to create, modify, and execute scripting tasks with...8.8
Product normalization is registry-driven with AI assist and human review. How it works