Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in Apache Maven (CVE-2021-26291)

Summary A vulnerability in Apache Maven that is used by InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2021-26291 DESCRIPTION: Apache Maven could allow a remote attacker to bypass security restrictions, caused by the use of http non-SSL repository references by...

ROS-20240503-19

A vulnerability in the Apache Maven framework is related to the generation of double-quoted strings without proper escaping. Exploitation of the vulnerability could allow an attacker acting remotely to conduct a shell-based attack. shell attacks...

USN-5245-1 maven vulnerability

It was discovered that Apache Maven followed repositories that are defined in a dependency's Project Object Model pom even if the repositories weren't encrypted http protocol. An attacker could use this vulnerability to take over a repository, execute arbitrary code or cause a denial of service...

Unspecified Vulnerability in Apache Maven

Apache Maven is an application from the Apache USA Foundation. A software project management and understanding tool. Apache Maven suffers from a security vulnerability that stems from the potential risk of a malicious participant taking over the repository or being able to insert themselves into ...