FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Apache Maven -- multiple vulnerabilities

Affected packages
maven < 3.8.1

Details

VuXML ID 20006b5f-a0bc-11eb-8ae6-fc4dd43e2b6a
Discovery 2021-04-04
Entry 2021-04-19

The Apache Maven project reports:

We received a report from Jonathan Leitschuh about a vulnerability of custom repositories in dependency POMs. We've split this up into three separate issues:

References

CVE Name CVE-2020-13956
CVE Name CVE-2021-26291
URL http://maven.apache.org/docs/3.8.1/release-notes.html#cve-2021-26291