I would like to start implementing a plugin to detect Nexus Repository 3 Arbitrary File Read (CVE-2024-4956). This vulnerability was published on May 2024. I believe AI software may also use this.
Description:
Sonatype Nexus Repository Manager is an open-source repository management system developed by Sonatype. It is designed to organize, store, and distribute software components, binaries, and build artifacts across an organization's software development lifecycle. Nexus supports a wide variety of repository formats, including Maven, npm, NuGet, Docker, and more, making it a versatile tool for managing dependencies in various programming languages and environments.
Hi there.
I would like to start implementing a plugin to detect Nexus Repository 3 Arbitrary File Read (CVE-2024-4956). This vulnerability was published on May 2024. I believe AI software may also use this.
References: https://nvd.nist.gov/vuln/detail/CVE-2024-4956
Description: Sonatype Nexus Repository Manager is an open-source repository management system developed by Sonatype. It is designed to organize, store, and distribute software components, binaries, and build artifacts across an organization's software development lifecycle. Nexus supports a wide variety of repository formats, including Maven, npm, NuGet, Docker, and more, making it a versatile tool for managing dependencies in various programming languages and environments.
Affected Versions: Sonatype Nexus Repository < 3.68.1
Thanks.