Welcome to the Sonatype Support Knowledge Base
Announcements
- ★ codehaus.org Repositories Should Be Removed From Your Nexus Instance
- ★ Sonatype Data Research supplies reserved CVE CVSS scores
- IQ vulnerability information contains the Root Cause
- Commons-collections unintended execution in deserialization
- Spring-core unintended code execution in deserialization
- OpenSSL Heartbleed bug and Sonatype
Product Support Overview
Security Advisories
- CVE-2019-7238 Nexus Repository Manager 3 - Missing Access Controls and Remote Code Execution - 2019-02-05
- CVE-2018-16619 Nexus Repository Manager 3 - Cross Site Scripting XSS - 2018-10-17
- CVE-2018-16620 Nexus Repository Manager 3 - Missing Access Controls - 2018-10-17
- CVE-2018-16621 Nexus Repository Manager 3 - Java Injection - 2018-10-17
- CVE-2018-12100 Nexus Repository Manager 3 - Cross-Site Scripting XSS - 2018-06-04
- CVE-2018-5307 Nexus Repository Manager 2 - Cross-Site Scripting XSS - 2018-02-08 See all 11 articles