← voltar
CVE-2014-0792

CVE-2014-0792

EPSS 2.8%
Sonatype Nexus 1.x and 2.x before 2.7.1 allows remote attackers to create arbitrary objects and execute arbitrary code via unspecified vectors related to unmarshalling of unintended Object types.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://sonatype.zendesk.com/entries/37551958-Configuring-Xstream-Whitelisthttps://support.sonatype.com/entries/37828023-Nexus-Security-Vulnerabilityhttp://www.sonatype.org/advisories/archive/2014-01-13-Nexus