Sonatype Nexus Repository Manager up to 3.32.x cross site scripting

A vulnerability has been found in Sonatype Nexus Repository Manager up to 3.32.x and classified as problematic. This vulnerability affects some unknown processing of the component Repository Handler. Upgrading to version 3.33.0 eliminates this vulnerability.

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2024-38319 : IBM SECURITY SOAR 51.0.2.0 CODE INJECTION

CVE-2024-38319 : IBM SECURITY SOAR 51.0.2.0 CODE INJECTION

Description IBM Security SOAR 51.0.2.0 could allow an authenticated user to execute malicious code loaded from a specially crafted script.

CVE-2024-5443 : PARISNEO LOLLMS UP TO 9.7 EXTENSIONBUILDER.BUILD_EXTENSIONN PATH TRAVERSAL

CVE-2024-5443 : PARISNEO LOLLMS UP TO 9.7 EXTENSIONBUILDER.BUILD_EXTENSIONN PATH TRAVERSAL

Description CVE-2024-4320 describes a vulnerability in the parisneo/lollms software, specifically within the `ExtensionBuilder().build_extension()` function. The vulnerability arises from the `/mount_extension`

CVE-2024-34693 : APACHE SUPERSET UP TO 3.1.2/4.0.0 MARIADB CONNECTION INFORMATION DISCLOSURE

CVE-2024-34693 : APACHE SUPERSET UP TO 3.1.2/4.0.0 MARIADB CONNECTION INFORMATION DISCLOSURE

Description Improper Input Validation vulnerability in Apache Superset, allows for an authenticated attacker to create a MariaDB connection with local_infile