Sonatype Nexus Repository Manager before 3.17.0 has a weak default of giving any unauthenticated user read permissions on the repository files and images.Referenceshttps://www.twistlock.com/labs-blog/vulnerabilities-nexus-repository-left-thousands-artifacts-exposed/
