CVE-2022-27907

Name of the Vulnerable Software and Affected Versions Sonatype Nexus Repository Manager versions prior to 3.38.0

Description The issue allows for Server-Side Request Forgery (SSRF), which is a type of attack where an attacker can trick a server into making requests to arbitrary domains. This can potentially lead to unauthorized access to sensitive data or systems.

Recommendations For versions prior to 3.38.0, update to version 3.38.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the Nexus Repository Manager to minimize the risk of exploitation.