Tag
nexus-repository-manager
Safeguard articles tagged "nexus-repository-manager" — guides, analysis, and best practices for software supply chain and application security.
2 articles
Vulnerability Analysis
Nexus Repository Manager 3 Remote Code Execution (CVE-202...
CVE-2020-10199 is a critical Java EL injection flaw in Sonatype Nexus Repository Manager 3 letting authenticated users achieve remote code execution.
Nov 23, 20257 min read
Vulnerability Analysis
Nexus Repository Manager Authenticated RCE via EL Injecti...
CVE-2020-10204 lets an authenticated Nexus Repository Manager user execute arbitrary code via EL injection. Here is what changed and how to respond.
Nov 22, 20257 min read