USN-5805-1: Apache Maven vulnerability

January 16, 2023

Read Time:14 Second

It was discovered that Apache Maven followed repositories that are defined
in a dependency’s Project Object Model (pom) even if the repositories
weren’t encryptedh (http protocol). An attacker could use this
vulnerability to take over a repository, execute arbitrary code or cause a
denial of service.

News, Advisories and much more

Exit mobile version