Welcome to the Sonatype Support Knowledge Base

Announcements

• ★ codehaus.org Repositories Should Be Removed From Your Nexus Instance
• ★ Sonatype Data Research supplies reserved CVE CVSS scores
• IQ vulnerability information contains the Root Cause
• Commons-collections unintended execution in deserialization
• Spring-core unintended code execution in deserialization
• OpenSSL Heartbleed bug and Sonatype

Product Support Overview

• ★ Nexus Repository Manager Feature Compatibility Matrix
• How do I find my Nexus product license fingerprint?
• Sonatype Security Data Sources and Research Overview
• Support Ticket Best Practices
• Sonatype Product Ideas Portal Help
• Sonatype Product and Solutions Overview

See all 10 articles

Security Advisories

• CVE-2020-29436 Nexus Repository Manager 3 and Nexus IQ Server - XML External Entities injection - 2020-12-15
• CVE-2020-13933 Nexus Repository Manger 2 & 3 - Shiro Authentication Bypass - 2020-10-15
• CVE-2020-24622 Nexus Repository Manager 3 - Sensitive Information Disclosure - 2020-09-15
• CVE-2020-15868 Nexus Repository Manager 3 - Access Controls Bypass - 2020-08-11
• CVE-2020-15871 Nexus Repository Manager 3 - Remote Code Execution - 2020-07-29
• CVE-2020-15870 Nexus Repository Manager 3 - Reflection XSS - 2020-07-29

See all 30 articles

General Product Tips & How To

• Why do nuget push commands authenticate yet still return a 401 response code?
• SAML integration for Nexus Repository Manager Pro 3 and Nexus IQ Server with Keycloak
• Error during SSO login "Authentication failed due to SAML error" after upgrading Repository Manager 3 or IQ Server
• SAML integration for Nexus Repository Manager Pro 3 and Nexus IQ Server with Auth0
• How to Install a Sonatype License File (.lic)
• 401 Content access is protected by token when accessing repositories

See all 20 articles

Apache Maven Tips & Troubleshooting

• maven-release-plugin + nexus-staging-plugin + Maven 2.2.1 Server Credentials with ID not found
• What are the requests that Maven 3.x sends when deploying artifacts?
• Configuring Maven HTTP Wagon Detailed Logging
• HTTPS/SSL deploy fails with "Received fatal alert: bad_record_mac"
• Maven deploys fail with Java 7, work with Java 6
• Maven deploy works using plain text password, but fails if encrypted

Nexus Repository Manager 3

General Tips & How To

• How to Configure Credentials for GCR Proxy Repository
• nuget push Prompts for Credentials when Anonymous Access is not Enabled
• How can I change the number of days of Nexus 3 audit logs retained?
• How to grant anonymous access to a specific repository?
• How to create a list of users and permissions in Nexus 3
• Considerations For NXRM 3 Inside Air-Gapped Networks

See all 16 articles

Release Notes

• ★ Nexus Repository Manager 3 Latest Release Notes
• Download Nexus Repository Manager 3
• Nexus Repository Manager 3.5.0 Release Notes
• Nexus Repository Manager 3.4.0 Release Notes
• Nexus Repository Manager 3.3.2 Release Notes
• Nexus Repository Manager 3.3.1 Release Notes

See all 20 articles

Installation, Upgrade and Compatibility

• How to resolve file blob store path warnings when upgrading to NXRM 3.29 or later
• Nexus Repository Manager 2.x to 3.y Migration Checklist
• How to Redirect HTTP requests to HTTPS?
• Moving a Nexus Repo 3 Installation to a New Location
• Updating Java for Nexus 3 on Windows
• Configuring network interface for Nexus HA-C with TCP/IP

See all 28 articles

Troubleshooting

• What does CacheInfo missing for ... assuming stale content mean?
• conan download Fails With 'Please enter a password'
• User with add Privilege Encounters "Not authorized for requested path" Attempting to Upload to a Repository
• Nexus Repo fails to start after upgrade with error "KeyStores with multiple certificates are not supported"
• S3 Blobstore "Timeout waiting for connection from pool"
• Error "repository does not have a Release file" using apt proxy repository

See all 49 articles

Development

• How can I convert a groovy script to JSON for REST API usage ?
• Script Parameters
• Groovy: Close those transactions, or else...
• Nexus 3 Groovy Script development environment setup

Nexus Repository Manager 2

Release Notes

• ★ Nexus Repository Manager 2 Release Notes Index
• Nexus Repository Manager 2.14.5 Release Notes
• Nexus Repository Manager 2.14.4 Release Notes
• Nexus Repository Manager 2.14.3 Release Notes
• Nexus Repository Manager 2.14.2 Release Notes
• Nexus Repository Manager 2.14.1 Release Notes

See all 22 articles

Getting Started

• Download Nexus Repository Manager 2
• Nexus Repository Manager Professional Download Archives
• Nexus Repository Manager OSS Download Archives
• What are the available Sonatype Nexus Repository Manager 2.x distributions and editions?
• Sonatype Nexus System Requirements
• Nexus Pro Trial Edition vs. Nexus Professional Full Edition

See all 22 articles

General Tips & How To

• Jenkins Publish Using Maven Coordinates from the pom.xml
• How to disable authentication dialogs for sensitive operations performed by RUT authenticated users
• Deleting a specific npm package version in Nexus Repository Manager 2.x
• How can I create private repositories in Nexus Repository Manager?
• How to Configure Request Header Authentication in Nexus with Apache
• What approach should I use to restrict access to artifacts in Nexus?

See all 52 articles

Troubleshooting

• Problem: Proxy repository to secure.central.sonatype.com site is auto-blocked
• Reset and Compact NuGet package database
• Understanding Smart Proxy Connections
• 401 Unauthorized with npm client versions 5.0.0 to 5.0.3
• What do the repository manager 2.x status messages mean?
• Why does Nexus download npm packages from sites other than the configured remote URL?

See all 72 articles

Performance & Tuning

• WARN org.eclipse.jetty.io.nio - javax.net.ssl.SSLException: Received fatal alert: certificate_unknown log messages
• Setting Advanced LDAP Connection Properties in Nexus Repository Manager
• NuGet Performance Issue - Action Recommended
• Solving NuGet Query Performance Problems in Nexus Repo 2
• Can I use AJP protocol with Neuxs?
• How do I simulate Nexus Pro Smart Proxy performance benefits using Nexus OSS?

See all 21 articles

Development

• What command line tools are available for Nexus?
• How do I add user interface elements to my Nexus plugin?
• How do I add a servlet filter to Nexus request processing?
• How do I create a security realm implementation?
• Uploading to a Staging Repository via REST API
• Migrating Nexus plugins from Plexus to JSR-330

See all 11 articles

Nexus IQ Server (Auditor, Firewall, and Lifecycle Solutions)

Nexus IQ Server

• ★ Root Organization Best Practices
• ★ How do I download and install the Nexus IQ Server?
• How to Remove a Repository's Components from the Dependency Confusion List
• Azure DevOps resource authorization issue nexusIqService references service connection which could not be found
• 'Failed to write lock file' During Pod Startup Running IQ Server
• CycloneDX Scan May Report More Vulnerabilities Than CLI

See all 59 articles

Application Health Check

• Nexus Vulnerability Scanner FAQ

Previously Supported Products

• How do I migrate a CLM 1.5 application policy to a CLM 1.6 organization policy
• Trouble viewing reports in Sonatype CLM for CI after 1.7 upgrade?
• How can I free up space used by the Sonatype CLM Server (1.7 or earlier)?