Description
Sonatype Nexus Repository Manager 2.x before 2.14.15 and 3.x before 3.19, and IQ Server before 72, has remote code execution.
Remediation
References
https://issues.sonatype.org/secure/ReleaseNote.jspa
https://support.sonatype.com/hc/en-us/articles/360036132453
Related Vulnerabilities
CVE-2023-50730 Vulnerability in maven package org.typelevel:grackle-core_2.13
CVE-2023-28674 Vulnerability in maven package org.jenkinsci.plugins:octoperf
CVE-2021-20218 Vulnerability in maven package io.fabric8:kubernetes-client
CVE-2021-41182 Vulnerability in maven package org.webjars.bower:jquery-ui