Featured Article

Devs flood npm with 15,000 packages to reward themselves with Tea 'tokens'

By Ax Sharma on April 16, 2024 vulnerabilities

The Sonatype Security Research team has identified over 15,000 npm packages that flood npm registry in a new trend where devs involved in the blockchain and cryptocurrency communities are leveraging

Read More

Sonatype Intelligence Insights: CVE-2020-13935 - Apache Tomcat Websocket - Denial of Service (DoS)

By Ax Sharma on July 29, 2020 vulnerabilities

4 minute read time

July’s Nexus Intelligence Insight takes a deep dive into a Denial of Service (DoS) vulnerability impacting the popular Apache Tomcat Websocket component.

Read More...

Top 5 Tomcat Vulnerabilities

By Sylvia Fronczak on June 12, 2019 vulnerability

3 minute read time

If you spend time monitoring and patching OSS projects, you know Tomcat has some vulnerabilities. Today, Tomitribe walked us through 5 of those vulnerabilities.

Read More...

Nexus Intelligence Insights: CVE-2019-0232 - Apache Tomcat CGI Servlet Remote Code Execution

By Elisa Velarde on April 26, 2019 vulnerability

3 minute read time

Learn about a very popular component used by developers worldwide. Say hello to CVE-2019-0232, a remote code execution vulnerability.

Read More...

Devs flood npm with 15,000 packages to reward themselves with Tea 'tokens'

Sonatype Intelligence Insights: CVE-2020-13935 - Apache Tomcat Websocket - Denial of Service (DoS)

Top 5 Tomcat Vulnerabilities

Nexus Intelligence Insights: CVE-2019-0232 - Apache Tomcat CGI Servlet Remote Code Execution

Secure your software supply chain

Subscribe for all the latest software security news and events