Description

The Nexus Yum Repository Plugin in v2 is vulnerable to Remote Code Execution when instances using CommandLineExecutor.java are supplied vulnerable data, such as the Yum Configuration Capability.

Remediation

References

CVE-2019-5475

Related Vulnerabilities

Oracle Database Server CVE-2023-22071 Vulnerability (CVE-2023-22071)

OpenSSL Resource Management Errors Vulnerability (CVE-2011-3210)

WordPress Plugin Digital River Global Commerce Supply Chain Attack [Polyfill.io] (2.0.2)

Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-31799)

WordPress Plugin CallRail Phone Call Tracking Cross-Site Request Forgery (0.4.9)

Severity

High

Classification

CVE-2019-5475 CWE-138 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities