I use Sonatype Nexus Repository ManagerOSS 3.29.0-01 deployed on the cloud. Our vulnerability scanner has recently detected that the cloud-hosted Nexus instance is affected by CVE-2022-32532.
I want to know does the vulnerability affect nexus ?
and which version fixes this vulnerability at present？
CVE-2022-32532 was fixed a year ago in 3.41, but we recommend that you upgrade frequently to make sure that you have all the latest security fixes. Security vulnerabilities in open source components are very common, and we put out a regular stream of updates to keep our customers and users safe from avoidable risk.
Thank you for your support, but we are unable to upgrade immediately. I would like to know if there are any workaround solutions for this vulnerability.