USN-5805-1: Apache Maven vulnerability

USN-5805-1: Apache Maven vulnerability

It was discovered that Apache Maven followed repositories that are defined
in a dependency’s Project Object Model (pom) even if the repositories
weren’t encryptedh (http protocol). An attacker could use this
vulnerability to take over a repository, execute arbitrary code or cause a
denial of service.
Source: USN-5805-1: Apache Maven vulnerability