CVE-2014-0792

Priority
Description
Sonatype Nexus 1.x and 2.x before 2.7.1 allows remote attackers to create
arbitrary objects and execute arbitrary code via unspecified vectors
related to unmarshalling of unintended Object types.
Notes
 sarnold> I'm unclear on the relationship between Maven Indexer and Sonatype
  Nexus; so I'm marking maven-indexer as an involved package because I haven't
  seen any information to the contrary. More research is needed.
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Trusty/esm:DNE (trusty was needs-triage)
Ubuntu 16.04 LTS (Xenial Xerus):needs-triage
Ubuntu 18.04 LTS (Bionic Beaver):needs-triage
Ubuntu 18.10 (Cosmic Cuttlefish):needs-triage
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
More Information

Updated: 2019-04-26 14:14:47 UTC (commit 30899e40836d26e1bb5f0b072d31fd87b6cf3bd4)