CVE-2022-31289: Neither Bug nor Vulnerability

By Michael Prescott on June 16, 2022 vulnerability

3 minute read time

A recent report of a Nexus Repository vulnerability is not a security concern and no software update is required. A look at issue and similar concerns.
Read More...

New Developer Tools for Open Source Dependency Management

By Chris Good on March 15, 2022 Nexus Lifecycle

5 minute read time

Nexus platform customers can now access improved dependency visualization, better track policy exceptions, and work with PHP.
Read More...

New Nexus Repository Visualizer Provides Insights into Log4j Usage

By Chris Good on December 30, 2021 Nexus Repository

4 minute read time

Vulnerable Log4j components are still in active use. New functionality available for Sonatype's Nexus Repository monitors and helps address these issues.
Read More...

DevOps Made of Steel

By Phil Vuollet on June 29, 2021 Nexus Lifecycle

3 minute read time

Security Analysts from U.S. Steel Corporation spoke at Sonatype's ELEVATE 2021, sharing their DevOps story and where Nexus Repository and Nexus Lifecycle fit into the journey.
Read More...

Update to CVE-2019-7238 in Nexus Repository Manager 3

By Brent Kostak on April 12, 2021 Nexus Repository

1 minute read time

An article was brought to our attention that suggests a new attack tactic is targeting an old vulnerability in NXRM, CVE-2019-7238. Ensure you're upgraded to the latest version.
Read More...

New in Nexus Repository 3.30: Microsoft Azure Blob Storage Support for Expanded Cloud Deployments

By Brent Kostak on March 15, 2021 Nexus Repository

4 minute read time

We are excited to announce Azure Blob Storage support - Nexus Repository Pro users can now manage and deploy their critical infrastructure on Microsoft’s Azure Cloud Platform.
Read More...

Sonatype Releases New Nexus Firewall Policy to Secure Software Supply Chains from "Dependency Confusion" Attacks

By Brent Kostak on March 04, 2021 Nexus Firewall

5 minute read time

Sonatype’s new Dependency Confusion Policy Protection using Nexus Firewall and Nexus Repository can now automate dependency confusion protection at scale
Read More...

Namespace Confusion: Minimizing Risk with Nexus Repository

By Michael Prescott on February 10, 2021 Nexus Repository

3 minute read time

Nexus Repository (NXRM) can help minimize your risk against namespace confusion with a feature called repository routing rules.
Read More...

Nexus Repository & Microsoft NuGet Gallery: OData Changes for NuGet V2

By Brent Kostak on December 10, 2020 Nuget

2 minute read time

Following Microsoft's announced changes to the NuGet Gallery, and the depreciation of OData, see details on how Nexus Repository users can avoid V2 protocol errors by upgrading to NuGet V3.
Read More...