Unrated severityNVD Advisory· Published Jan 17, 2014· Updated Apr 29, 2026
CVE-2014-0792
CVE-2014-0792
Description
Sonatype Nexus 1.x and 2.x before 2.7.1 allows remote attackers to create arbitrary objects and execute arbitrary code via unspecified vectors related to unmarshalling of unintended Object types.
Affected products
25cpe:2.3:a:sonatype:nexus:2.7.0:04:*:*:*:*:*:*+ 24 more
- cpe:2.3:a:sonatype:nexus:2.7.0:04:*:*:*:*:*:*
- cpe:2.3:a:sonatype:nexus:2.7.0:05:*:*:*:*:*:*
- cpe:2.3:a:sonatype:nexus:2.7.0:06:*:*:*:*:*:*
- cpe:2.3:a:sonatype:nexus:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:sonatype:nexus:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:sonatype:nexus:2.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:sonatype:nexus:2.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:sonatype:nexus:2.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:sonatype:nexus:2.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:sonatype:nexus:2.0.4:1:*:*:*:*:*:*
- cpe:2.3:a:sonatype:nexus:2.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:sonatype:nexus:2.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:sonatype:nexus:2.1:*:*:*:*:*:*:*
- cpe:2.3:a:sonatype:nexus:2.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:sonatype:nexus:2.2:*:*:*:*:*:*:*
- cpe:2.3:a:sonatype:nexus:2.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:sonatype:nexus:2.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:sonatype:nexus:2.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:sonatype:nexus:2.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:sonatype:nexus:2.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:sonatype:nexus:2.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:sonatype:nexus:2.6.2:*:*:*:*:*:*:*
- cpe:2.3:a:sonatype:nexus:2.6.3:*:*:*:*:*:*:*
- cpe:2.3:a:sonatype:nexus:2.6.4:*:*:*:*:*:*:*
- cpe:2.3:a:sonatype:nexus:2.7.0:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3- www.sonatype.org/advisories/archive/2014-01-13-NexusnvdPatchVendor Advisory
- support.sonatype.com/entries/37828023-Nexus-Security-VulnerabilitynvdPatchVendor Advisory
- sonatype.zendesk.com/entries/37551958-Configuring-Xstream-Whitelistnvd
News mentions
0No linked articles in our index yet.