SonatypeCVEs & Vulnerabilities

43 CVEs affecting Sonatype products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.

Most Affected Products

nexus 37nexus repository manager 29nexus repository manager 3 7nexus iq server 1
CVE-2024-5764MEDIUM

Use of Hard-coded Credentials vulnerability in Sonatype Nexus Repository has been discovered in the code responsible for encrypting any secrets stored in the Nexus Repository configuration database (SMTP or HTTP proxy credentials, user tokens, tokens, among others). The affected versions relied on a static hard-coded encryption passphrase. While it was possible for an administrator to define an alternate encryption passphrase, it could only be done at first boot and not updated. This issue affects Nexus Repository: from 3.0.0 through 3.72.0.

23 Oct 2024
6.5
CVSS
CVE-2022-27907MEDIUM

Sonatype Nexus Repository Manager 3.x before 3.38.0 allows SSRF.

30 Mar 2022
4.3
CVSS
CVE-2021-43961MEDIUM

Sonatype Nexus Repository Manager 3.36.0 allows HTML Injection.

18 Mar 2022
4.3
CVSS
CVE-2019-7238KEVCRITICALin the wild

Sonatype Nexus Repository Manager before 3.15.0 has Incorrect Access Control.

10 Dec 2021
9.8
CVSS
CVE-2021-43293MEDIUM

Sonatype Nexus Repository Manager 3.x before 3.36.0 allows a remote authenticated attacker to potentially perform network enumeration via Server Side Request Forgery (SSRF).

4 Nov 2021
4.3
CVSS
CVE-2020-10199KEVHIGHin the wild

Sonatype Nexus Repository before 3.21.2 allows JavaEL Injection (issue 1 of 2).

3 Nov 2021
8.8
CVSS
CVE-2021-42568MEDIUM

Sonatype Nexus Repository Manager 3.x through 3.35.0 allows attackers to access the SSL Certificates Loading function via a low-privileged account.

2 Nov 2021
4.3
CVSS
CVE-2021-40143HIGH

Sonatype Nexus Repository 3.x through 3.33.1-01 is vulnerable to an HTTP header injection. By sending a crafted HTTP request, a remote attacker may disclose sensitive information or request external resources from a vulnerable instance.

7 Sep 2021
8.2
CVSS
CVE-2021-37152MEDIUM

Multiple XSS issues exist in Sonatype Nexus Repository Manager 3 before 3.33.0. An authenticated attacker with the ability to add HTML files to a repository could redirect users to Nexus Repository Manager’s pages with code modifications.

10 Aug 2021
5.4
CVSS
CVE-2021-34553MEDIUM

Sonatype Nexus Repository Manager 3.x before 3.31.0 allows a remote authenticated attacker to get a list of blob files and read the content of a blob file (via a GET request) without having been granted access.

18 Jun 2021
4.3
CVSS
CVE-2021-29159MEDIUM

A cross-site scripting (XSS) vulnerability has been discovered in Nexus Repository Manager 3.x before 3.30.1. An attacker with a local account can create entities with crafted properties that, when viewed by an administrator, can execute arbitrary JavaScript in the context of the NXRM application.

28 Apr 2021
6.1
CVSS
CVE-2021-30635MEDIUM

Sonatype Nexus Repository Manager 3.x before 3.30.1 allows a remote attacker to get a list of files and directories that exist in a UI-related folder via directory traversal (no customer-specific data is exposed).

27 Apr 2021
5.3
CVSS
CVE-2021-29158MEDIUM

Sonatype Nexus Repository Manager 3 Pro up to and including 3.30.0 has Incorrect Access Control.

24 Apr 2021
4.9
CVSS
CVE-2020-29436MEDIUM

Sonatype Nexus Repository Manager 3.x before 3.29.0 allows a user with admin privileges to configure the system to gain access to content outside of NXRM via an XXE vulnerability. Fixed in version 3.29.0.

17 Dec 2020
6.5
CVSS
CVE-2020-15012HIGH

A Directory Traversal issue was discovered in Sonatype Nexus Repository Manager 2.x before 2.14.19. A user that requests a crafted path can traverse up the file system to get access to content on disk (that the user running nxrm also has access to).

13 Oct 2020
8.6
CVSS
CVE-2020-24622MEDIUM

In Sonatype Nexus Repository 3.26.1, an S3 secret key can be exposed by an admin user.

25 Aug 2020
4.9
CVSS
CVE-2020-15868HIGH

Sonatype Nexus Repository Manager OSS/Pro before 3.26.0 has Incorrect Access Control.

13 Aug 2020
7.5
CVSS
CVE-2020-15871HIGH

Sonatype Nexus Repository Manager OSS/Pro version before 3.25.1 allows Remote Code Execution.

31 Jul 2020
8.8
CVSS
CVE-2020-15870MEDIUM

Sonatype Nexus Repository Manager OSS/Pro versions before 3.25.1 allow XSS (Issue 2 of 2).

31 Jul 2020
6.1
CVSS
CVE-2020-15869MEDIUM

Sonatype Nexus Repository Manager OSS/Pro versions before 3.25.1 allow XSS (issue 1 of 2).

31 Jul 2020
5.4
CVSS
CVE-2020-11415MEDIUM

An issue was discovered in Sonatype Nexus Repository Manager 2.x before 2.14.17 and 3.x before 3.22.1. Admin users can retrieve the LDAP server system username/password (as configured in nxrm) in cleartext.

27 Apr 2020
4.9
CVSS
CVE-2020-11753HIGH

An issue was discovered in Sonatype Nexus Repository Manager in versions 3.21.1 and 3.22.0. It is possible for a user with appropriate privileges to create, modify, and execute scripting tasks without use of the UI or API. NOTE: in 3.22.0, scripting is disabled by default (making this not exploitable).

20 Apr 2020
8.8
CVSS
CVE-2020-11444HIGH

Sonatype Nexus Repository Manager 3.x up to and including 3.21.2 has Incorrect Access Control.

2 Apr 2020
8.8
CVSS
CVE-2020-10204HIGH

Sonatype Nexus Repository before 3.21.2 allows Remote Code Execution.

1 Apr 2020
7.2
CVSS
CVE-2020-10203MEDIUM

Sonatype Nexus Repository before 3.21.2 allows XSS.

1 Apr 2020
4.8
CVSS
CVE-2019-15588HIGH

There is an OS Command Injection in Nexus Repository Manager <= 2.14.14 (bypass CVE-2019-5475) that could allow an attacker a Remote Code Execution (RCE). All instances using CommandLineExecutor.java with user-supplied data is vulnerable, such as the Yum Configuration Capability.

1 Nov 2019
7.2
CVSS
CVE-2019-16530HIGH

Sonatype Nexus Repository Manager 2.x before 2.14.15 and 3.x before 3.19, and IQ Server before 72, has remote code execution.

21 Oct 2019
7.2
CVSS
CVE-2019-15893HIGH

Sonatype Nexus Repository Manager 2.x before 2.14.15 allows Remote Code Execution.

16 Oct 2019
7.2
CVSS
CVE-2019-5475HIGH

The Nexus Yum Repository Plugin in v2 is vulnerable to Remote Code Execution when instances using CommandLineExecutor.java are supplied vulnerable data, such as the Yum Configuration Capability.

3 Sep 2019
8.8
CVSS
CVE-2019-14469MEDIUM

In Nexus Repository Manager before 3.18.0, users with elevated privileges can create stored XSS.

22 Aug 2019
5.4
CVSS
CVE-2019-9630HIGH

Sonatype Nexus Repository Manager before 3.17.0 has a weak default of giving any unauthenticated user read permissions on the repository files and images.

8 Jul 2019
7.5
CVSS
CVE-2019-9629CRITICAL

Sonatype Nexus Repository Manager before 3.17.0 establishes a default administrator user with weak defaults (fixed credentials).

8 Jul 2019
9.8
CVSS
CVE-2019-11629MEDIUM

Sonatype Nexus Repository Manager 2.x before 2.14.13 allows XSS.

7 May 2019
6.1
CVSS
CVE-2018-16621HIGH

Sonatype Nexus Repository Manager before 3.14 allows Java Expression Language Injection.

15 Nov 2018
7.2
CVSS
CVE-2018-16620HIGH

Sonatype Nexus Repository Manager before 3.14 has Incorrect Access Control.

15 Nov 2018
7.5
CVSS
CVE-2018-16619MEDIUM

Sonatype Nexus Repository Manager before 3.14 allows XSS.

15 Nov 2018
6.1
CVSS
CVE-2018-12100MEDIUM

Sonatype Nexus Repository Manager versions 3.x before 3.12.0 has XSS in multiple areas in the Administration UI.

11 Jun 2018
4.8
CVSS
CVE-2018-5307MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in Sonatype Nexus Repository Manager (aka NXRM) 2.x before 2.14.6 allow remote attackers to inject arbitrary web script or HTML via (1) the repoId or (2) format parameter to service/siesta/healthcheck/healthCheckFileDetail/.../index.html; (3) the filename in the "File Upload" functionality of the Staging Upload; (4) the username when creating a new user; or (5) the IQ Server URL field in the IQ Server Connection functionality.

10 Feb 2018
6.1
CVSS
CVE-2018-5306MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in Sonatype Nexus Repository Manager (aka NXRM) 3.x before 3.8 allow remote attackers to inject arbitrary web script or HTML via (1) the repoId or (2) format parameter to service/siesta/healthcheck/healthCheckFileDetail/.../index.html; (3) the filename in the "File Upload" functionality of the Staging Upload; (4) the username when creating a new user; or (5) the IQ Server URL field in the IQ Server Connection functionality.

10 Feb 2018
6.1
CVSS
CVE-2017-17717CRITICAL

Sonatype Nexus Repository Manager through 2.14.5 has weak password encryption with a hardcoded CMMDwoV value in the LDAP integration feature.

17 Dec 2017
9.8
CVSS
CVE-2014-9389HIGH

Directory traversal vulnerability in Sonatype Nexus OSS and Pro before 2.11.1-01 allows remote attackers to read or write to arbitrary files via unspecified vectors.

5 Jan 2015
7.5
CVSS
CVE-2014-2034HIGH

Unspecified vulnerability in Sonatype Nexus OSS and Pro 2.4.0 through 2.7.1 allows attackers to create arbitrary user accounts via unknown vectors related to "an unauthenticated execution path."

1 Apr 2014
7.5
CVSS
CVE-2014-0792HIGH

Sonatype Nexus 1.x and 2.x before 2.7.1 allows remote attackers to create arbitrary objects and execute arbitrary code via unspecified vectors related to unmarshalling of unintended Object types.

17 Jan 2014
7.5
CVSS
← PrevPage 1 / 1Next →