Nexus version 2.1.2

Hello Team,

We are using Nexus Repository version 2.1.2, can you please confirm , if this version having Log4J vulnerabilities impact? which we have recently seen.


Hi @deepti.s.sharma and welcome to the Community!

You can read more about this here but the short answer is that our software including Nexus Lifecycle, Nexus Firewall, Nexus Repository OSS and Nexus Repository Pro in versions 2.x and 3.x are NOT affected by the reported log4j vulnerabilities.

We still do advise keeping your software upgraded to the latest version.

Nexus 2.1.2 is 10-years old - we’ve addressed other security problems in the intervening years.