Vulnerabilities > Sonatype > Nexus Repository Manager 3

DATE CVE VULNERABILITY TITLE RISK
2021-09-07 CVE-2021-40143 Injection vulnerability in Sonatype Nexus Repository Manager 3
Sonatype Nexus Repository 3.x through 3.33.1-01 is vulnerable to an HTTP header injection.
network
low complexity
sonatype CWE-74
6.4
6.4
2021-04-23 CVE-2021-29158 Incorrect Authorization vulnerability in Sonatype Nexus Repository Manager 3 3.25.1
Sonatype Nexus Repository Manager 3 Pro up to and including 3.30.0 has Incorrect Access Control.
network
low complexity
sonatype CWE-863
4.0
4.0
2020-07-31 CVE-2020-15871 Incorrect Permission Assignment for Critical Resource vulnerability in Sonatype Nexus Repository Manager 3
Sonatype Nexus Repository Manager OSS/Pro version before 3.25.1 allows Remote Code Execution.
network
sonatype CWE-732
6.8
6.8
2020-07-31 CVE-2020-15870 Cross-site Scripting vulnerability in Sonatype Nexus Repository Manager 3
Sonatype Nexus Repository Manager OSS/Pro versions before 3.25.1 allow XSS (Issue 2 of 2).
network
sonatype CWE-79
4.3
4.3
2020-07-31 CVE-2020-15869 Cross-site Scripting vulnerability in Sonatype Nexus Repository Manager 3
Sonatype Nexus Repository Manager OSS/Pro versions before 3.25.1 allow XSS (issue 1 of 2).
network
sonatype CWE-79
4.3
4.3
2020-04-20 CVE-2020-11753 Incorrect Authorization vulnerability in Sonatype Nexus Repository Manager 3 3.21.1/3.22.0
An issue was discovered in Sonatype Nexus Repository Manager in versions 3.21.1 and 3.22.0.
network
low complexity
sonatype CWE-863
8.8
8.8