Uploaded image for project: 'Dev - Nexus Repo'
  1. Dev - Nexus Repo
  2. NEXUS-31630

CVE-2022-27907 Nexus Repository 3 - Server Side Request Forgery (SSRF) - 2022-03-30

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 3.0.0
    • Fix Version/s: 3.38.0
    • Component/s: None
    • Labels:

      Description

      Sonatype Nexus Repository 3.x through 3.37.3 is vulnerable to Server Side Request Forgery (SSRF).
      https://sonatype.zendesk.com/knowledge/articles/5011047953555

        Attachments

          Activity

            People

            Assignee:
            Unassigned Unassigned
            Reporter:
            dsawa Dawid Sawa
            Last Updated By:
            Dawid Sawa Dawid Sawa
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:

                tigCommentSecurity.panel-title