Sonatype Selected by Equifax to Support OS Governance Press Release

blog-logo Sonatype Blog

Nexus Intelligence Insights - CVE-2018-14721 - jackson-databind remote code execution

By Elisa Velarde on May 31, 2019 vulnerabilities
We're demystifying the jackson-databind and block polymorphic deserialization (CVE-2018-14721), which is vulnerable to Remote Code Execution.
Read More...

A Struts2 Vulnerability Hurricane: Deserialization

By Derek Weeks on September 06, 2017 Struts
Attackers are widely exploiting a new vulnerability in Apache Struts2 that allows them to remotely execute malicious code on web servers.
Read More...