← back
CVE-2014-0792

CVE-2014-0792

EPSS 2.8%
Sonatype Nexus 1.x and 2.x before 2.7.1 allows remote attackers to create arbitrary objects and execute arbitrary code via unspecified vectors related to unmarshalling of unintended Object types.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://sonatype.zendesk.com/entries/37551958-Configuring-Xstream-Whitelisthttps://support.sonatype.com/entries/37828023-Nexus-Security-Vulnerabilityhttp://www.sonatype.org/advisories/archive/2014-01-13-Nexus