Announcements
- PostgreSQL Index Corruption - "duplicate key violation" errors
- Sonatype Data Services (HDS) Regularly Scheduled Maintenance
- IQ Server vulnerability information contains the Root Cause
- codehaus.org Repositories Should Be Removed From Your Nexus Repository Instance
- Log4Shell log4j Vulnerability CVE-2021-44228 Status
- Spring Framework RCE Vulnerability CVE-2021-22963 and SONATYPE-2022-1764
Security Advisories
- CVE-2024-4956 Nexus Repository 3 - Path Traversal - 2024-05-16
- CVE-2024-5764 - Nexus Repository Manager 3 - Static hard-coded encryption passphrase used by default - 2024-10-17
- CVE-2024-5082 Nexus Repository 2 - Remote Code Execution
- CVE-2024-5083 Nexus Repository 2 - Stored XSS Vulnerability
- Mitigations for CVE-2024-4956 Nexus Repository 3 Vulnerability
- CVE-2024-1142 Sonatype IQ Server Path Traversal- 2024-03-06