Home

Description

Nexus Repository 3 is vulnerable to Server-Side Request Forgery (SSRF) via the SSL Certificate Retrieval endpoint. A user holding the nexus:ssl-truststore:read permission could cause the server to initiate outbound connections to internal or otherwise restricted network hosts. This issue affects Nexus Repository 3.0.0 through versions prior to 3.94.0.

PUBLISHED Reserved 2026-04-30 | Published 2026-07-14 | Updated 2026-07-14 | Assigner Sonatype




MEDIUM: 5.3CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:L/SI:N/SA:N

Problem types

CWE-918 Server-Side Request Forgery (SSRF)

Product status

Default status
unaffected

3.0.0 (semver) before 3.94.0
affected

Credits

Muhamad Burhanudin finder

References

help.sonatype.com/...us-repository-3-94-0-release-notes.html patch

support.sonatype.com/hc/en-us/articles/53126069518227 vendor-advisory

cve.org (CVE-2026-7494)

nvd.nist.gov (CVE-2026-7494)

Download JSON