All versions prior to Nexus 2.11.1-01 are affected.
A severe security vulnerability has been discovered in Nexus requiring immediate action.
The identified vulnerabilities can allow an attacker to perform directory traversal to read/write sensitive data files. We are highly recommending all instances of Nexus that are running affected versions to upgrade to Nexus 2.11.1-01 or greater.
This vulnerability was identified by an external researcher and has been verified by our security team. We are not aware of any active exploits taking advantage of this issue. We strongly encourage all users of Nexus to immediately take the steps outlined in the official advisory.