CVE-2021-26291

CVE-2021-26291

maven/org.apache.maven/maven

Origin Validation Error

Apache Maven will follow repositories that are defined in a dependency’s Project Object Model (pom) which may be surprising to some users, resulting in potential risk if a malicious actor takes over that repository or is able to insert themselves into a position to pretend to be that repository.

All versions before 3.8.1

Upgrade to version 3.8.1 or above.

2021-05-05