GHSA-f34x-8pf6-qc9c
Suggest an improvement- Source
- https://github.com/advisories/GHSA-f34x-8pf6-qc9c
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/09/GHSA-f34x-8pf6-qc9c/GHSA-f34x-8pf6-qc9c.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-f34x-8pf6-qc9c
- Aliases
-
- CVE-2021-40143
- Published
- 2021-09-08T17:42:18Z
- Modified
- 2023-11-08T04:06:46.479030Z
- Severity
-
- 8.2 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N CVSS Calculator
- Summary
- HTTP header injection in Sonatype Nexus Repository
- Details
-
Sonatype Nexus Repository 3.x through 3.33.1-01 is vulnerable to an HTTP header injection. By sending a crafted HTTP request, a remote attacker may disclose sensitive information or request external resources from a vulnerable instance.
- Database specific
{ "nvd_published_at": "2021-09-07T20:15:00Z", "github_reviewed_at": "2021-09-08T17:35:50Z", "severity": "HIGH", "github_reviewed": true, "cwe_ids": [ "CWE-74" ] }- References
Affected packages
Maven / org.sonatype.nexus:nexus-repository
Package
- Name
- org.sonatype.nexus:nexus-repository
- View open source insights on deps.dev
- Purl
- pkg:maven/org.sonatype.nexus/nexus-repository
Affected versions
3.*
3.0.0-03
3.0.1-01
3.0.2-02
3.1.0-04
3.2.0-01
3.2.1-01
3.3.0-01
3.3.1-01
3.3.2-02
3.4.0-02
3.5.0-02
3.5.1-02
3.5.2-01
3.6.0-02
3.6.1-02
3.6.2-01
3.7.0-04
3.7.1-02
3.8.0-02
3.9.0-01
3.10.0-04
3.11.0-01
3.12.0-01
3.12.1-01
3.13.0-01
3.14.0-04
3.15.0-01
3.15.1-01
3.15.2-01
3.15.3-01
3.16.0-01
3.16.1-02
3.16.2-01
3.17.0-01
3.17.1-01
3.17.2-03
3.18.0-01
3.18.1-01
3.19.0-01
3.19.1-01
3.20.0-02
3.20.0-04
3.20.1-01
3.20.2-01
3.20.3-01
3.21.0-01
3.21.0-02
3.21.0-05
3.21.1-01
3.21.2-03
3.22.0-01
3.22.0-02
3.22.1-01
3.22.1-02
3.23.0-01
3.23.0-03
3.24.0-01
3.24.0-02
3.25.0-02
3.25.0-03
3.25.1-01
3.25.1-02
3.25.1-03
3.25.1-04
3.26.0-01
3.26.0-02
3.26.0-03
3.26.0-04
3.26.1-02
3.27.0-02
3.27.0-03
3.28.0-01
3.28.1-01
3.29.0-02
3.29.1-01
3.29.2-02
3.30.0-01
3.30.1-01
3.31.0-01
3.31.1-01
3.32.0-03
3.32.1-01
3.33.0-01
3.33.1-01