Refine your search

3 vulnerabilities found for Nexus Repository by Sonatype

CVE-2025-13488 (GCVE-0-2025-13488)
Vulnerability from nvd
Published
2025-12-04 18:16
Modified
2025-12-04 20:00
Severity ?
5.1 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
CWE
  • CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Summary
Due to a regression introduced in version 3.83.0, a security header is no longer applied to certain user-uploaded content served from repositories. This may allow an authenticated attacker with repository upload privileges to exploit a stored cross-site scripting (XSS) vulnerability with user context.
References
Impacted products
Vendor Product Version
Sonatype Nexus Repository Version: 3.83.0    3.86.2
    cpe:2.3:a:sonatype:nexus_repository_manager:3.83.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.83.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.83.2:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.84.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.84.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.85.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.86.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.86.2:*:*:*:*:*:*:*
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-13488",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-12-04T18:55:03.160324Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-12-04T20:00:41.734Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.83.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.83.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.83.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.84.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.84.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.85.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.86.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.86.2:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "Nexus Repository",
          "vendor": "Sonatype",
          "versions": [
            {
              "lessThanOrEqual": "3.86.2",
              "status": "affected",
              "version": "3.83.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Seif Elsallamy / @0x21SAFE"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDue to a regression introduced in version 3.83.0, a security header is no longer applied to certain user-uploaded content served from repositories. This may allow an authenticated attacker with repository upload privileges to exploit a stored cross-site scripting (\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eXSS\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e) vulnerability with user context.\u003c/span\u003e"
            }
          ],
          "value": "Due to a regression introduced in version 3.83.0, a security header is no longer applied to certain user-uploaded content served from repositories. This may allow an authenticated attacker with repository upload privileges to exploit a stored cross-site scripting (XSS) vulnerability with user context."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "LOW",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "LOW",
            "subIntegrityImpact": "LOW",
            "userInteraction": "PASSIVE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-04T18:16:56.582Z",
        "orgId": "103e4ec9-0a87-450b-af77-479448ddef11",
        "shortName": "Sonatype"
      },
      "references": [
        {
          "tags": [
            "patch"
          ],
          "url": "https://help.sonatype.com/en/sonatype-nexus-repository-3-87-0-release-notes.html"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://support.sonatype.com/hc/en-us/articles/46896142768019"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Nexus Repository 3 - Stored Cross-Site Scripting (XSS)",
      "x_generator": {
        "engine": "Vulnogram 0.5.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "103e4ec9-0a87-450b-af77-479448ddef11",
    "assignerShortName": "Sonatype",
    "cveId": "CVE-2025-13488",
    "datePublished": "2025-12-04T18:16:56.582Z",
    "dateReserved": "2025-11-20T20:16:15.824Z",
    "dateUpdated": "2025-12-04T20:00:41.734Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-5764 (GCVE-0-2024-5764)
Vulnerability from nvd
Published
2024-10-23 14:47
Modified
2024-10-23 15:55
Severity ?
5.9 (Medium) - CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
CWE
  • CWE-798 - Use of Hard-coded Credentials
Summary
Use of Hard-coded Credentials vulnerability in Sonatype Nexus Repository has been discovered in the code responsible for encrypting any secrets stored in the Nexus Repository configuration database (SMTP or HTTP proxy credentials, user tokens, tokens, among others). The affected versions relied on a static hard-coded encryption passphrase. While it was possible for an administrator to define an alternate encryption passphrase, it could only be done at first boot and not updated. This issue affects Nexus Repository: from 3.0.0 through 3.72.0.
References
Impacted products
Vendor Product Version
Sonatype Nexus Repository Version: 3.0.0    3.72.0
    cpe:2.3:a:sonatype:nexus_repository_manager:3.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.3.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.3.2:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.4.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.5.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.5.2:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.6.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.6.2:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.7.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.7.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.8.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.9.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.10.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.11.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.12.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.12.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.13.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.14.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.15.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.15.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.15.2:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.16.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.16.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.16.2:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.17.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.18.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.18.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.19.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.19.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.20.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.20.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.21.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.21.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.21.2:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.22.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.22.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.23.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.24.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.25.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.25.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.26.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.26.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.27.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.28.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.28.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.29.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.29.2:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.30.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.30.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.31.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.31.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.32.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.33.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.33.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.34.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.34.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.35.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.36.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.37.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.37.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.32.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.37.2:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.37.3:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.38.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.38.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.39.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.40.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.40.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.41.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.41.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.42.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.43.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.44.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.45.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.45.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.46.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.47.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.47.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.48.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.49.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.50.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.51.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.52.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.53.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.53.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.54.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.54.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.55.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.56.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.57.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.57.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.58.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.58.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.59.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.60.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.61.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.62.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.63.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.64.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.65.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.66.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.67.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.67.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.68.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.68.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.69.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.70.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.70.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.70.2:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.70.3:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.71.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.72.0:*:*:*:*:*:*:*
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-5764",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-23T15:54:50.774189Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-23T15:55:05.124Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.0.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.0.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.0.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.1.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.2.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.2.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.3.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.3.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.3.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.4.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.5.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.5.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.5.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.6.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.6.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.6.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.7.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.7.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.8.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.9.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.10.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.11.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.12.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.12.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.13.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.14.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.15.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.15.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.15.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.16.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.16.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.16.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.17.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.18.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.18.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.19.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.19.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.20.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.20.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.21.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.21.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.21.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.22.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.22.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.23.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.24.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.25.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.25.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.26.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.26.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.27.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.28.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.28.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.29.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.29.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.30.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.30.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.31.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.31.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.32.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.33.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.33.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.34.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.34.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.35.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.36.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.37.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.37.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.32.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.37.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.37.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.38.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.38.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.39.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.40.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.40.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.41.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.41.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.42.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.43.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.44.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.45.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.45.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.46.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.47.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.47.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.48.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.49.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.50.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.51.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.52.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.53.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.53.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.54.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.54.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.55.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.56.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.57.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.57.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.58.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.58.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.59.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.60.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.61.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.62.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.63.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.64.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.65.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.66.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.67.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.67.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.68.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.68.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.69.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.70.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.70.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.70.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.70.3:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.71.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.72.0:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "Nexus Repository",
          "vendor": "Sonatype",
          "versions": [
            {
              "lessThanOrEqual": "3.72.0",
              "status": "affected",
              "version": "3.0.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Dylan Evans at/of Maveris, LLC"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eUse of Hard-coded Credentials vulnerability in Sonatype Nexus Repository has been discovered in the code responsible for encrypting any secrets stored in the Nexus Repository configuration database (SMTP or HTTP proxy credentials, user tokens, tokens, among others). The affected versions relied on a static hard-coded encryption passphrase. While it was possible for an administrator to define an alternate encryption passphrase, it could only be done at first boot and not updated.\u003c/p\u003e\u003cp\u003eThis issue affects Nexus Repository: from 3.0.0 through 3.72.0.\u003c/p\u003e"
            }
          ],
          "value": "Use of Hard-coded Credentials vulnerability in Sonatype Nexus Repository has been discovered in the code responsible for encrypting any secrets stored in the Nexus Repository configuration database (SMTP or HTTP proxy credentials, user tokens, tokens, among others). The affected versions relied on a static hard-coded encryption passphrase. While it was possible for an administrator to define an alternate encryption passphrase, it could only be done at first boot and not updated.\n\nThis issue affects Nexus Repository: from 3.0.0 through 3.72.0."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "LOCAL",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-798",
              "description": "CWE-798 Use of Hard-coded Credentials",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-23T14:47:55.783Z",
        "orgId": "103e4ec9-0a87-450b-af77-479448ddef11",
        "shortName": "Sonatype"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://support.sonatype.com/hc/en-us/articles/34496708991507"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Nexus Repository 3 - Static hard-coded encryption passphrase used by default",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "103e4ec9-0a87-450b-af77-479448ddef11",
    "assignerShortName": "Sonatype",
    "cveId": "CVE-2024-5764",
    "datePublished": "2024-10-23T14:47:55.783Z",
    "dateReserved": "2024-06-07T20:20:30.499Z",
    "dateUpdated": "2024-10-23T15:55:05.124Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-13488 (GCVE-0-2025-13488)
Vulnerability from cvelistv5
Published
2025-12-04 18:16
Modified
2025-12-04 20:00
Severity ?
5.1 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
CWE
  • CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Summary
Due to a regression introduced in version 3.83.0, a security header is no longer applied to certain user-uploaded content served from repositories. This may allow an authenticated attacker with repository upload privileges to exploit a stored cross-site scripting (XSS) vulnerability with user context.
References
Impacted products
Vendor Product Version
Sonatype Nexus Repository Version: 3.83.0    3.86.2
    cpe:2.3:a:sonatype:nexus_repository_manager:3.83.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.83.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.83.2:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.84.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.84.1:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.85.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.86.0:*:*:*:*:*:*:*
    cpe:2.3:a:sonatype:nexus_repository_manager:3.86.2:*:*:*:*:*:*:*
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-13488",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-12-04T18:55:03.160324Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-12-04T20:00:41.734Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.83.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.83.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.83.2:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.84.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.84.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.85.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.86.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:sonatype:nexus_repository_manager:3.86.2:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "Nexus Repository",
          "vendor": "Sonatype",
          "versions": [
            {
              "lessThanOrEqual": "3.86.2",
              "status": "affected",
              "version": "3.83.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Seif Elsallamy / @0x21SAFE"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDue to a regression introduced in version 3.83.0, a security header is no longer applied to certain user-uploaded content served from repositories. This may allow an authenticated attacker with repository upload privileges to exploit a stored cross-site scripting (\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eXSS\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e) vulnerability with user context.\u003c/span\u003e"
            }
          ],
          "value": "Due to a regression introduced in version 3.83.0, a security header is no longer applied to certain user-uploaded content served from repositories. This may allow an authenticated attacker with repository upload privileges to exploit a stored cross-site scripting (XSS) vulnerability with user context."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "LOW",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "LOW",
            "subIntegrityImpact": "LOW",
            "userInteraction": "PASSIVE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-04T18:16:56.582Z",
        "orgId": "103e4ec9-0a87-450b-af77-479448ddef11",
        "shortName": "Sonatype"
      },
      "references": [
        {
          "tags": [
            "patch"
          ],
          "url": "https://help.sonatype.com/en/sonatype-nexus-repository-3-87-0-release-notes.html"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://support.sonatype.com/hc/en-us/articles/46896142768019"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Nexus Repository 3 - Stored Cross-Site Scripting (XSS)",
      "x_generator": {
        "engine": "Vulnogram 0.5.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "103e4ec9-0a87-450b-af77-479448ddef11",
    "assignerShortName": "Sonatype",
    "cveId": "CVE-2025-13488",
    "datePublished": "2025-12-04T18:16:56.582Z",
    "dateReserved": "2025-11-20T20:16:15.824Z",
    "dateUpdated": "2025-12-04T20:00:41.734Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}