Known vulnerabilities in Sonatype Inc. Nexus Repository Manager

Vendor: Sonatype Inc.
Website: https://www.sonatype.com/
Total Security Bulletins: 16

Security bulletins (16)

Secuity bulletin Severity Status Published
SB20260113100: Multiple vulnerabilities in Sonatype Nexus Repository Manager Low
Patched
13.01.2026
SB20251204103: Stored XSS in Sonatype Nexus Repository Low
Patched
04.12.2025
SB2025101010: Server-Side Request Forgery (SSRF) in Sonatype Nexus Repository Manager Medium
Not patched
10.10.2025
SB2024052498: Path traversal in Sonatype Nexus Repository High
Patched Public exploit
24.05.2024
SB2022031742: HTML injection in Sonatype Nexus Repository Manager Low
Patched
17.03.2022
SB2021110307: Information disclosure in Sonatype Nexus Repository Manager Low
Patched
03.11.2021
SB2020040209: Multiple vulnerabilities in Sonatype Nexus Repository Manager High
Patched Exploited
02.04.2020
SB2019090312: OS Command Injection in Sonatype Nexus Repository Manager Medium
Patched
03.09.2019
SB2019082238: Stored XSS in Nexus Repository Manager Low
Patched
22.08.2019
SB2019070820: Multiple vulnerabilities in Sonatype Nexus Repository Manager High
Patched
08.07.2019
SB2019050707: Cross-site scripting in Sonatype Nexus Repository Manager Medium
Patched
07.05.2019
SB2019032114: Remote code execution in Sonatype Nexus Repository Manager High
Patched Exploited
21.03.2019
SB2018111512: Multiple vulnerabilities in Sonatype Nexus Repository Manager Medium
Patched
15.11.2018
SB2018061112: XSS in Sonatype Nexus Repository Manager Low
Patched
11.06.2018
SB2018020923: XSS in Sonatype Nexus Repository Manager Medium
Patched
09.02.2018
SB2017121703: Weak password encryption in Sonatype Nexus Repository Manager Low
Patched
17.12.2017