Uploaded image for project: 'Dev - Nexus Repo'
  1. Dev - Nexus Repo
  2. NEXUS-27444

CVE-2021-30635 - Directory Traversal vulnerability

    XMLWordPrintable

    Details

    • Type: Story
    • Status: Done
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 3.29.2
    • Fix Version/s: 3.30.1
    • Component/s: Security
    • Labels:

      Description

      An unauthenticated user can submit a crafted HTTP request to get a list of files and directories that exist in Nexus Repository’s webroot.

        Attachments

          Activity

            People

            Assignee:
            mchernikov Maksym Chernikov
            Reporter:
            mchernikov Maksym Chernikov
            Last Updated By:
            Maksym Chernikov Maksym Chernikov
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:

                tigCommentSecurity.panel-title