Vulnerabilities > Sonatype > Nexus Repository Manager > 3.30.1.01

DATE CVE VULNERABILITY TITLE RISK
2022-03-30 CVE-2022-27907 Server-Side Request Forgery (SSRF) vulnerability in Sonatype Nexus Repository Manager
Sonatype Nexus Repository Manager 3.x before 3.38.0 allows SSRF.
network
low complexity
sonatype CWE-918
4.0
4.0
2022-03-17 CVE-2021-43961 Cross-site Scripting vulnerability in Sonatype Nexus Repository Manager
Sonatype Nexus Repository Manager 3.36.0 allows HTML Injection.
network
sonatype CWE-79
4.3
4.3
2021-11-02 CVE-2021-42568 Information Exposure vulnerability in Sonatype Nexus Repository Manager
Sonatype Nexus Repository Manager 3.x through 3.35.0 allows attackers to access the SSL Certificates Loading function via a low-privileged account.
network
low complexity
sonatype CWE-200
4.0
4.0