CVE-2021-26291
maven/org.apache.maven/maven
Origin Validation Error
Apache Maven will follow repositories that are defined in a dependency’s Project Object Model (pom) which may be surprising to some users, resulting in potential risk if a malicious actor takes over that repository or is able to insert themselves into a position to pretend to be that repository.
All versions before 3.8.1
Upgrade to version 3.8.1 or above.
2021-05-05
source |