The vulnerability of the codehaus-plexus framework of Apache Maven is related to an incorrect restriction on XML references to external objects, which allows a hacker to execute arbitrary code.

The vulnerability of the codehaus-plexus framework of Apache Maven is related to an incorrect limitation on XML references to external objects. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

[SECURITY] [DSA 4149-1] plexus-utils2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4149-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 22, 2018 https://www.debian.org/security/faq -...