Vulnerabilities > Sonatype > Nexus > 2.0.6
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-04-01 | CVE-2020-10204 | Improper Input Validation vulnerability in Sonatype Nexus Sonatype Nexus Repository before 3.21.2 allows Remote Code Execution. | 7.2 |
2020-04-01 | CVE-2020-10203 | Cross-site Scripting vulnerability in Sonatype Nexus Sonatype Nexus Repository before 3.21.2 allows XSS. | 4.8 |
2020-04-01 | CVE-2020-10199 | Expression Language Injection vulnerability in Sonatype Nexus Sonatype Nexus Repository before 3.21.2 allows JavaEL Injection (issue 1 of 2). | 8.8 |
2019-03-21 | CVE-2019-7238 | Unspecified vulnerability in Sonatype Nexus Sonatype Nexus Repository Manager before 3.15.0 has Incorrect Access Control. | 9.8 |