Description

The Nexus Yum Repository Plugin in v2 is vulnerable to Remote Code Execution when instances using CommandLineExecutor.java are supplied vulnerable data, such as the Yum Configuration Capability.

Remediation

References

CVE-2019-5475

Related Vulnerabilities

Drupal Core 6.x Multiple Vulnerabilities (6.0 - 6.6)

Dolibarr Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-38887)

Squid Improper Input Validation Vulnerability (CVE-2013-1839)

WordPress Plugin yolink Search for WordPress Cross-Site Scripting (2.5)

WordPress Plugin Lightweight Accordion Cross-Site Scripting (1.5.14)

Severity

High

Classification

CVE-2019-5475 CWE-138 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities