The Nexus Yum Repository Plugin in v2 is vulnerable to Remote Code Execution when instances using CommandLineExecutor.java are supplied vulnerable data, such as the Yum Configuration Capability.
References
Link | Resource |
---|---|
https://hackerone.com/reports/654888 | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: hackerone
Published: 2019-09-03T19:13:43
Updated: 2019-09-03T19:13:43
Reserved: 2019-01-04T00:00:00
Link: CVE-2019-5475
JSON object: View
NVD Information
Status : Modified
Published: 2019-09-03T20:15:11.467
Modified: 2019-10-09T23:50:55.853
Link: CVE-2019-5475
JSON object: View
Redhat Information
No data.
CWE