all InfoSec news logo
all InfoSec news - The InfoSec & Cyber news aggregator
Sign in Sign up
all InfoSec news

CVE-2022-31289: Neither Bug nor Vulnerability

Add to bookmarks

Web: https://blog.sonatype.com/nexus-repo-issue-neither-bug-nor-vulnerability

June 16, 2022, 4:08 p.m. | mprescott@sonatype.com (Michael Prescott)

Sonatype Blog sonatype.com




On June 11, a cyber security analyst published a blog post alleging that he had discovered a vulnerability in Nexus Repository OSS 3.37.3-02.

2022 bug cve devzone nexus repository product vulnerability

Visit resource

More from sonatype.com / Sonatype Blog

Java Serialisation - the gift that keeps on taking (Part 3) 18 hours ago | sonatype.com
cybersecurity deserialization java on +1
Wicked Good Development: Vulnerability Drills - the Intention, Habit, and Impact 1 day, 4 hours ago | sonatype.com
community development devzone impact +4
This Week in Malware—Python Cryptominers, 345 Dependency Confusion Packages 1 day, 11 hours ago | sonatype.com
cryptominers dependency dependency confusion devzone +7
New and Expanded Free Sonatype Learning Resources 2 days, 1 hour ago | sonatype.com
elearning free how tos learning +4
Smarter policy and advanced component search with Nexus LIfecycle updates 2 days, 8 hours ago | sonatype.com
advanced nexus nexus lifecycle open source development +4
Smarter policy and advanced component search with Nexus Lifecycle updates 2 days, 8 hours ago | sonatype.com
advanced nexus nexus lifecycle open source development +4
python-dateutils—A Cryptominer in Disguise Targeting Windows, Linux, macOS 3 days, 7 hours ago | sonatype.com
cryptocurrency cryptominer crypto mining featured +8
Detecting Inclusive Language in My Codebase with Sonatype Lift 5 days, 5 hours ago | sonatype.com
devzone language my sonatype
This Week in Malware—show me your secrets! 1 week, 1 day ago | sonatype.com
devzone malware malware prevention nexus firewall +4

Latest InfoSec / Cyber Security Jobs

View more jobs Post a job on infosec-jobs.com

Collection Network Penetration Test Engineer TS SCI/Poly Eligible

@ Sixgen Inc. | United States
View on infosec-jobs.com

Senior Infrastructure Security Engineer

@ Angi | Toronto, ON - Remote
View on infosec-jobs.com

Senior Security Operations Engineer

@ Axiom Zen | Remote
View on infosec-jobs.com

Endpoint Protections - Security Research Engineer II

@ Elastic | United States
View on infosec-jobs.com

Senior Cyber Security Engineer

@ Evaluate | London, England, United Kingdom
View on infosec-jobs.com

Device Security Lead

@ Worldcoin | Berlin ; Erlangen ; New York ; San Francisco
View on infosec-jobs.com