My Sonatype Community Documentation Guides Learn Who is Sonatype?

Submit a request Sign in

Sonatype Support
Welcome to the Sonatype Support Knowledge Base

Welcome to the Sonatype Support Knowledge Base

Announcements

★ Nexus Repository Manager Remote Code Execution Vulnerability Advisory
★ codehaus.org Repositories Should Be Removed From Your Nexus Instance
★ Sonatype Data Research supplies reserved CVE CVSS scores
IQ vulnerability information contains the Root Cause
Commons-collections unintended execution in deserialization
Spring-core unintended code execution in deserialization

See all 7 articles

Product Support Overview

★ Nexus Repository Manager Feature Compatibility Matrix
Sonatype Security Data Sources and Research Overview
Support Ticket Best Practices
Sonatype Product Ideas Portal Help
Sonatype Product and Solutions Overview
Sonatype Product Support FAQ

See all 8 articles

Security Advisories

CVE-2018-16619 Nexus Repository Manager (XSS) - October 17, 2018
CVE-2018-16620 Nexus Repository Manager (Missing Access Controls) - October 17, 2018
CVE-2018-16621 Nexus Repository Manager (Java Injection) - October 17, 2018
CVE-2018-5306 NXRM Security Advisory - Cross-Site Scripting (XSS)
CVE-2018-5307 NXRM Security Advisory - Cross-Site Scripting (XSS)
Protect Sonatype Server Products against Weak Diffie-Hellman Keys and Logjam

See all 11 articles

Terms of Service Privacy Policy
Copyright © 2008-present, Sonatype Inc. All rights reserved. Includes the third-party code listed here. Sonatype and Sonatype Nexus are trademarks of Sonatype, Inc. Apache Maven and Maven are trademarks of the Apache Software Foundation. M2Eclipse is a trademark of the Eclipse Foundation. All other trademarks are the property of their respective owners.

Powered by Zendesk