CVE-2019-5475

Summary

The Nexus Yum Repository Plugin in v2 is vulnerable to Remote Code Execution when instances using CommandLineExecutor.java are supplied vulnerable data, such as the Yum Configuration Capability.

Affected Software

VendorProductVersion RangeStatus
n/aNexus Repository Manager2.14.9-01affected

Weaknesses

  • CWE-78: OS Command Injection (CWE-78)

ADP Enrichment

CVE Program Container

Additional References

References