Vulnerabilities > Sonatype > Nexus > 2.11.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-01 | CVE-2020-10204 | Improper Input Validation vulnerability in Sonatype Nexus Sonatype Nexus Repository before 3.21.2 allows Remote Code Execution. | 9.0 |
| 2020-04-01 | CVE-2020-10203 | Cross-site Scripting vulnerability in Sonatype Nexus Sonatype Nexus Repository before 3.21.2 allows XSS. | 3.5 |
| 2020-04-01 | CVE-2020-10199 | Expression Language Injection vulnerability in Sonatype Nexus Sonatype Nexus Repository before 3.21.2 allows JavaEL Injection (issue 1 of 2). | 8.8 |
| 2019-03-21 | CVE-2019-7238 | Unspecified vulnerability in Sonatype Nexus Sonatype Nexus Repository Manager before 3.15.0 has Incorrect Access Control. | 7.5 |
| 2015-01-05 | CVE-2014-9389 | Path Traversal vulnerability in Sonatype Nexus 2.11.0 Directory traversal vulnerability in Sonatype Nexus OSS and Pro before 2.11.1-01 allows remote attackers to read or write to arbitrary files via unspecified vectors. | 7.5 |