Sonatype Logo dark

Platform
- Products
- Why Sonatype
- Accelerate Pipelines with the World's Leading Artifact Repository Manager
  
  Try It Free
- Explore solutions for you
Solutions
- OSS Management
- Developer Solutions
- Industry
- Sonatype Named a Leader in Forrester Wave™ for SCA Software
  
  Read Report
Pricing
Resources
- Resources
- Customer Resources
- Developer Community
- Explore The Latest Research on AI Component Analysis
  
  Watch On-Demand
Company
- Company
  - About
  - Customer Stories
  - Events
  - Newsroom
  - Careers
  - Blog
  - Contact Us
- Partners
- Contact Us
  
  Speak to a Software Supply Chain Expert
  
  Contact Us
Login Contact Us Book a Demo

Login Contact Us Book a Demo

This is a search field with an auto-suggest feature attached.

There are no suggestions because the search field is empty.

security vulnerabilities Posts

Filters

Search

Topics

AI

Application Security

DevOps

Malware & Vulnerabilities

Regulations & Compliance

SBOM

Software Development

featured image for Unprecedented Automation: IndonesianFoods Pits Open Source Against Itself

Blog Post

Unprecedented Automation: IndonesianFoods Pits Open Source Against Itself

Read More

featured image for Apache Tomcat: Vulnerable Versions Downloaded Nearly 100K Times Since PoC

Blog Post

Apache Tomcat: Vulnerable Versions Downloaded Nearly 100K Times Since PoC

Read More

featured image for Bypassing picklescan: Sonatype Discovers Four Vulnerabilities

Blog Post

Bypassing picklescan: Sonatype Discovers Four Vulnerabilities

Read More

featured image for The Hidden Threat: Tackling Malware in Your Software Supply Chain

Blog Post

The Hidden Threat: Tackling Malware in Your Software Supply Chain

Read More

featured image for Zero-Day Vulnerabilities: A Beginner's Guide

Blog Post

Zero-Day Vulnerabilities: A Beginner's Guide

Read More

featured image for 'everything' Matters - Why the npm Package Sparked Controversy

Blog Post

'everything' Matters - Why the npm Package Sparked Controversy

Read More

featured image for Unraveling the Struts2 Security Vulnerability: A Deep Dive

Blog Post

Unraveling the Struts2 Security Vulnerability: A Deep Dive

Read More

featured image for Struts2 CVE-2023-50164 by the Numbers

Blog Post

Struts2 CVE-2023-50164 by the Numbers

Read More

featured image for Top 10 Open Source Projects Hit by HTTP/2 'Rapid Reset' Zero-Day

Blog Post

Top 10 Open Source Projects Hit by HTTP/2 'Rapid Reset' Zero-Day

Read More

featured image for Are unnecessary vulnerabilities polluting your software supply chain?

Blog Post

Are unnecessary vulnerabilities polluting your software supply chain?

Read More

featured image for Why you need a software bill of materials more than ever

Blog Post

Why you need a software bill of materials more than ever

Read More

featured image for Developers, say goodbye to vulnerabilities and squash those bugs

Blog Post

Developers, say goodbye to vulnerabilities and squash those bugs

Read More

1
2

Platform

Overview Pricing Nexus Repository Repository Firewall Lifecycle SBOM Manager Maven Central

Why Sonatype

Compare Sonatype Open Source Intelligence Best SCA Tools Best Malware Protection Tools Best Artifact Repository Solutions Best SBOM Compliance Solutions

Resources

Resources Center Blog Product Tours Webinars Customer Stories Analyst Reports Research

Developer

Integrations All Day DevOps (ADDO) Free Nexus Repo Download Sonatype OSS Index

Customer Resources

My Sonatype Documentation Support Training & Workshops

Company

About Careers Partners Newsroom

Contact Us

X social logo
LinkedIn social logo
Facebook social logo
YouTube social logo
GitHub social logo

Terms of Service
Privacy Policy
Modern Slavery Statement
Event Terms and Conditions
Do Not Sell My Personal Information
Cookie Preferences
Trust Center

Copyright © 2008-present, Sonatype Inc. All rights reserved. Includes the third-party code listed here. Sonatype and Sonatype Nexus are trademarks of Sonatype, Inc. Apache Maven and Maven are trademarks of the Apache Software Foundation. M2Eclipse is a trademark of the Eclipse Foundation. All other trademarks are the property of their respective owners.