2.0.6

DATE	CVE	VULNERABILITY TITLE	RISK
2020-04-01	CVE-2020-10204	Improper Input Validation vulnerability in Sonatype Nexus Sonatype Nexus Repository before 3.21.2 allows Remote Code Execution. network low complexity sonatype CWE-20	7.2
2020-04-01	CVE-2020-10203	Cross-site Scripting vulnerability in Sonatype Nexus Sonatype Nexus Repository before 3.21.2 allows XSS. network low complexity sonatype CWE-79	4.8
2020-04-01	CVE-2020-10199	Expression Language Injection vulnerability in Sonatype Nexus Sonatype Nexus Repository before 3.21.2 allows JavaEL Injection (issue 1 of 2). network low complexity sonatype CWE-917	8.8
2019-03-21	CVE-2019-7238	Unspecified vulnerability in Sonatype Nexus Sonatype Nexus Repository Manager before 3.15.0 has Incorrect Access Control. network low complexity sonatype critical	9.8