Description

The Nexus Yum Repository Plugin in v2 is vulnerable to Remote Code Execution when instances using CommandLineExecutor.java are supplied vulnerable data, such as the Yum Configuration Capability.

Remediation

References

CVE-2019-5475

Related Vulnerabilities

MySQL CVE-2021-35627 Vulnerability (CVE-2021-35627)

Magento Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) Vulnerability (CVE-2019-8113)

Internet Information Services Integer Overflow or Wraparound Vulnerability (CVE-2008-1446)

PHP Integer Overflow or Wraparound Vulnerability (CVE-2016-5770)

WordPress Plugin WP Smart Security PHP Object Injection (1.0)

Severity

High

Classification

CVE-2019-5475 CWE-138 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities