IQ Firewall: Database update frequency and coverage of new libraries against recent threats

Hello everyone.
I understand there are currently many attacks targeting the latest library versions.
My question is: how often is the IQ Firewall database updated with respect to libraries, and how often are new libraries analyzed?
In my organization, we’re getting a “404 error” in Nexus for libraries that are less than 24 hours old. There are currently many attacks targeting the latest library versions.

Is there any official documentation on this?

Thanks.

Hi, Jonathan.

That’s a good question. Sonatype’s data is updated continuously. We’re constantly analyzing new libraries, and as soon as analysis is complete, that data goes into our database.

Standard turnaround time for vulnerabilities is less than 24 hours, but Release Integrity reduces that time even further for malware and supply chain attacks, usually within minutes. For example, Sonatype identified a recent PyPI/litellm supply chain attack in seconds, and our data was updated immediately, so any customer with Firewall got instant protection.

When you say you’re getting 404s – do you mean in Nexus Repository or Repository Firewall? Something may be misconfigured. Since you’re a customer, don’t hesitate to open a Support ticket.

Thank you so much for your response, Jonathan, everything is very clear.
You provided an example of the “404 error” when trying to obtain a library that isn’t found in Nexus, and it coincides with the library being less than 24 hours old. Could you tell me if this error is mapped? That way I can open a support case.

Thanks again.

---
bare-events - npm
---

npm error 404 Not Found - GET https://nexus.xxx.com/repository/npm-group/bare-events/-/bare-events-2.9.1.tgz
npm error 404
npm error 404 'bare-events@https://nexus.xxx.com/repository/npm-group/bare-events/-/bare-events-2.9.1.tgz' is not in this registry.
npm error 404
npm error 404 Note that you can also install from a
npm error 404 tarball, folder, http url, or git url.

This isn’t a bug we’re aware of. If I had to guess, this behavior is caused by a cache setting that’s meant to save network bandwidth.

Go ahead and open a Support ticket.

https://support.sonatype.com/hc/en-us/articles/115010182627-How-should-I-configure-Proxy-Repository-Cache-setting