VYPR
Unrated severityNVD Advisory· Published Jan 17, 2014· Updated Jun 17, 2026

CVE-2014-0792

CVE-2014-0792

Description

Sonatype Nexus 1.x and 2.x before 2.7.1 allows remote attackers to create arbitrary objects and execute arbitrary code via unspecified vectors related to unmarshalling of unintended Object types.

Affected products

26
  • Sonatype/Nexus26 versions
    cpe:2.3:a:sonatype:nexus:1.0:*:*:*:*:*:*:*+ 25 more
    • cpe:2.3:a:sonatype:nexus:1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:sonatype:nexus:2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:sonatype:nexus:2.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:sonatype:nexus:2.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:sonatype:nexus:2.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:sonatype:nexus:2.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:sonatype:nexus:2.0.4:1:*:*:*:*:*:*
    • cpe:2.3:a:sonatype:nexus:2.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:sonatype:nexus:2.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:sonatype:nexus:2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:sonatype:nexus:2.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:sonatype:nexus:2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:sonatype:nexus:2.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:sonatype:nexus:2.4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:sonatype:nexus:2.5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:sonatype:nexus:2.5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:sonatype:nexus:2.6.0:*:*:*:*:*:*:*
    • cpe:2.3:a:sonatype:nexus:2.6.1:*:*:*:*:*:*:*
    • cpe:2.3:a:sonatype:nexus:2.6.2:*:*:*:*:*:*:*
    • cpe:2.3:a:sonatype:nexus:2.6.3:*:*:*:*:*:*:*
    • cpe:2.3:a:sonatype:nexus:2.6.4:*:*:*:*:*:*:*
    • cpe:2.3:a:sonatype:nexus:2.7.0:*:*:*:*:*:*:*
    • cpe:2.3:a:sonatype:nexus:2.7.0:04:*:*:*:*:*:*
    • cpe:2.3:a:sonatype:nexus:2.7.0:05:*:*:*:*:*:*
    • cpe:2.3:a:sonatype:nexus:2.7.0:06:*:*:*:*:*:*
    • (no CPE)range: <=2.7.1

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.