Uploaded image for project: 'Dev - Nexus Repo'
  1. Dev - Nexus Repo
  2. NEXUS-24349

CVE-2020-15012 - NXRM2 Directory Traversal vulnerability

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 2.14.18
    • Fix Version/s: 2.14.19
    • Component/s: Security
    • Labels:
    • Release Note:
      Yes

      Description

      A directory traversal vulnerability has been found in NXRM 2, a specially crafted request can allow you to retrieve file system content that isn't intended.

      2.14.18 is the listed affected version, but this issue has been around for quite some time

        Attachments

          Activity

            People

            Assignee:
            Unassigned Unassigned
            Reporter:
            dbradicich Damian Bradicich
            Last Updated By:
            Peter Lynch Peter Lynch
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:

                tigCommentSecurity.panel-title