Multiple security vulnerabilities in the nexus Docker images

docker
vulnerabilities

#1

Hello, a couple days ago the company Kenna Security published the blog post about security problems in the most popular Docker containers. The detailed report also contains information about the nexus and nexus3 containers, both of them have massive amount of the vulnerabilities (590), and many of them are remote (such as buffer overflow in the expat XML parser, or OpenSSL problems or pcre buffer overflows and crashes leading to denial of service).

It would be beatiful if you will update the relevant packages in your containers. Thanks in advance :slight_smile:


#2

Hi Timur,

Thanks for taking the time to post this. We’ve had some work planned to update how we build and release our official Docker images. I don’t have an ETA on that yet, but keep an eye out for updates around this.

Cheers,

Nick Cook