Unrated severityNVD Advisory· Published Jan 17, 2014· Updated Jun 17, 2026
CVE-2014-0792
CVE-2014-0792
Description
Sonatype Nexus 1.x and 2.x before 2.7.1 allows remote attackers to create arbitrary objects and execute arbitrary code via unspecified vectors related to unmarshalling of unintended Object types.
Affected products
26cpe:2.3:a:sonatype:nexus:1.0:*:*:*:*:*:*:*+ 25 more
- cpe:2.3:a:sonatype:nexus:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:sonatype:nexus:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:sonatype:nexus:2.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:sonatype:nexus:2.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:sonatype:nexus:2.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:sonatype:nexus:2.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:sonatype:nexus:2.0.4:1:*:*:*:*:*:*
- cpe:2.3:a:sonatype:nexus:2.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:sonatype:nexus:2.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:sonatype:nexus:2.1:*:*:*:*:*:*:*
- cpe:2.3:a:sonatype:nexus:2.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:sonatype:nexus:2.2:*:*:*:*:*:*:*
- cpe:2.3:a:sonatype:nexus:2.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:sonatype:nexus:2.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:sonatype:nexus:2.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:sonatype:nexus:2.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:sonatype:nexus:2.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:sonatype:nexus:2.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:sonatype:nexus:2.6.2:*:*:*:*:*:*:*
- cpe:2.3:a:sonatype:nexus:2.6.3:*:*:*:*:*:*:*
- cpe:2.3:a:sonatype:nexus:2.6.4:*:*:*:*:*:*:*
- cpe:2.3:a:sonatype:nexus:2.7.0:*:*:*:*:*:*:*
- cpe:2.3:a:sonatype:nexus:2.7.0:04:*:*:*:*:*:*
- cpe:2.3:a:sonatype:nexus:2.7.0:05:*:*:*:*:*:*
- cpe:2.3:a:sonatype:nexus:2.7.0:06:*:*:*:*:*:*
- (no CPE)range: <=2.7.1
Patches
Vulnerability mechanics
References
3- www.sonatype.org/advisories/archive/2014-01-13-NexusnvdPatchVendor Advisory
- support.sonatype.com/entries/37828023-Nexus-Security-VulnerabilitynvdPatchVendor Advisory
- sonatype.zendesk.com/entries/37551958-Configuring-Xstream-Whitelistnvd
News mentions
0No linked articles in our index yet.