Uploaded image for project: 'Dev - Nexus Repo'
  1. Dev - Nexus Repo
  2. NEXUS-29407

Server Side Request Forgery

    Details

    • Type: Story
    • Status: Done
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 3.36.0
    • Component/s: Transport
    • Labels:

      Description

      An SSRF (Server Side Request Forgery) vulnerability was identified in Sonatype Nexus Repository before 3.36.0, potentially leading to network enumeration or facilitating other attacks.

      More details in KB article.

        Attachments

          Activity

            People

            Assignee:
            Unassigned Unassigned
            Reporter:
            dsawa Dawid Sawa
            Last Updated By:
            Dawid Sawa Dawid Sawa
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:

                tigCommentSecurity.panel-title