[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2021-26291":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":424,"aliases":434,"duplicate_of":9,"upstream":437,"downstream":438,"duplicates":455,"related":456,"reserved_at":9,"published_at":461,"modified_at":462,"state":463,"summary":464,"references_raw":472,"kevs":844,"epss":845,"epss_history":848,"metrics":1090,"affected":1102},"CVE-2021-26291","Apache Maven will follow repositories that are defined in a dependency’s Project Object Model (pom) which may be surprising to some users, resulting in potential risk if a malicious actor takes over that repository or is able to insert themselves into a position to pretend to be that repository. Maven is changing the default behavior in 3.8.1+ to no longer follow http (non-SSL) repository references by default. More details available in the referenced urls. If you are currently using a repository manager to govern the repositories used by your builds, you are unaffected by the risks present in the legacy behavior, and are unaffected by this vulnerability and change to default behavior. See this link for more information about repository management: https://maven.apache.org/repository-management.html",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-346","Origin Validation Error","The product does not properly verify that the source of data or communication is valid.","weakness","Draft","Class",[19,23,76,88,92,263,267,271,275,279,283,287,291,412,416,420],{"id":20,"name":21,"techniques":22},"CAPEC-111","JSON Hijacking (aka JavaScript Hijacking)",[],{"id":24,"name":25,"techniques":26},"CAPEC-141","Cache Poisoning",[27],{"id":28,"name":29,"tactics":30,"countermeasures":37},"T1557.002","ARP Cache Poisoning",[31,34],{"id":32,"name":33},"TA0031","Credential Access",{"id":35,"name":36},"TA0100","Collection",[38,43,47,51,55,59,63,67,71],{"id":39,"name":40,"tactic":41},"D3-UGLPA","User Geolocation Logon Pattern Analysis",{"name":42},"Detect",{"id":44,"name":45,"tactic":46},"D3-PMAD","Protocol Metadata Anomaly Detection",{"name":42},{"id":48,"name":49,"tactic":50},"D3-CSPP","Client-server Payload Profiling",{"name":42},{"id":52,"name":53,"tactic":54},"D3-PHDURA","Per Host Download-Upload Ratio Analysis",{"name":42},{"id":56,"name":57,"tactic":58},"D3-NTSA","Network Traffic Signature Analysis",{"name":42},{"id":60,"name":61,"tactic":62},"D3-APCA","Application Protocol Command Analysis",{"name":42},{"id":64,"name":65,"tactic":66},"D3-NTCD","Network Traffic Community Deviation",{"name":42},{"id":68,"name":69,"tactic":70},"D3-RTSD","Remote Terminal Session Detection",{"name":42},{"id":72,"name":73,"tactic":74},"D3-NTF","Network Traffic Filtering",{"name":75},"Isolate",{"id":77,"name":78,"techniques":79},"CAPEC-142","DNS Cache Poisoning",[80],{"id":81,"name":82,"tactics":83,"countermeasures":87},"T1584.002","DNS Server",[84],{"id":85,"name":86},"TA0042","Resource Development",[],{"id":89,"name":90,"techniques":91},"CAPEC-160","Exploit Script-Based APIs",[],{"id":93,"name":94,"techniques":95},"CAPEC-21","Exploitation of Trusted Identifiers",[96,211,239],{"id":97,"name":98,"tactics":99,"countermeasures":109},"T1134","Access Token Manipulation",[100,103,106],{"id":101,"name":102},"TA0030","Defense Evasion",{"id":104,"name":105},"TA0005","Stealth",{"id":107,"name":108},"TA0111","Privilege Escalation",[110,115,119,123,127,131,135,139,143,148,152,156,161,166,170,174,178,182,187,191,195,199,203,207],{"id":111,"name":112,"tactic":113},"D3-CI","Configuration Inventory",{"name":114},"Model",{"id":116,"name":117,"tactic":118},"D3-NTPM","Network Traffic Policy Mapping",{"name":114},{"id":120,"name":121,"tactic":122},"D3-AM","Access Modeling",{"name":114},{"id":124,"name":125,"tactic":126},"D3-AEM","Application Exception Monitoring",{"name":42},{"id":128,"name":129,"tactic":130},"D3-SCA","System Call Analysis",{"name":42},{"id":132,"name":133,"tactic":134},"D3-CCSA","Credential Compromise Scope Analysis",{"name":42},{"id":136,"name":137,"tactic":138},"D3-OPM","Operational Process Monitoring",{"name":42},{"id":140,"name":141,"tactic":142},"D3-PSA","Process Spawn Analysis",{"name":42},{"id":144,"name":145,"tactic":146},"D3-ST","Session Termination",{"name":147},"Evict",{"id":149,"name":150,"tactic":151},"D3-CR","Credential Revocation",{"name":147},{"id":153,"name":154,"tactic":155},"D3-ANCI","Authentication Cache Invalidation",{"name":147},{"id":157,"name":158,"tactic":159},"D3-DUC","Decoy User Credential",{"name":160},"Deceive",{"id":162,"name":163,"tactic":164},"D3-CH","Credential Hardening",{"name":165},"Harden",{"id":167,"name":168,"tactic":169},"D3-MFA","Multi-factor Authentication",{"name":165},{"id":171,"name":172,"tactic":173},"D3-CRO","Credential Rotation",{"name":165},{"id":175,"name":176,"tactic":177},"D3-TB","Token Binding",{"name":165},{"id":179,"name":180,"tactic":181},"D3-TBA","Token-based Authentication",{"name":165},{"id":183,"name":184,"tactic":185},"D3-RC","Restore Configuration",{"name":186},"Restore",{"id":188,"name":189,"tactic":190},"D3-RIC","Reissue Credential",{"name":186},{"id":192,"name":193,"tactic":194},"D3-SCF","System Call Filtering",{"name":75},{"id":196,"name":197,"tactic":198},"D3-CTS","Credential Transmission Scoping",{"name":75},{"id":200,"name":201,"tactic":202},"D3-EAL","Executable Allowlisting",{"name":75},{"id":204,"name":205,"tactic":206},"D3-EDL","Executable Denylisting",{"name":75},{"id":208,"name":209,"tactic":210},"D3-HBPI","Hardware-based Process Isolation",{"name":75},{"id":212,"name":213,"tactics":214,"countermeasures":216},"T1528","Steal Application Access Token",[215],{"id":32,"name":33},[217,219,221,223,225,227,229,231,233,235,237],{"id":132,"name":133,"tactic":218},{"name":42},{"id":149,"name":150,"tactic":220},{"name":147},{"id":153,"name":154,"tactic":222},{"name":147},{"id":157,"name":158,"tactic":224},{"name":160},{"id":162,"name":163,"tactic":226},{"name":165},{"id":167,"name":168,"tactic":228},{"name":165},{"id":171,"name":172,"tactic":230},{"name":165},{"id":175,"name":176,"tactic":232},{"name":165},{"id":179,"name":180,"tactic":234},{"name":165},{"id":188,"name":189,"tactic":236},{"name":186},{"id":196,"name":197,"tactic":238},{"name":75},{"id":240,"name":241,"tactics":242,"countermeasures":244},"T1539","Steal Web Session Cookie",[243],{"id":32,"name":33},[245,247,249,251,253,255,257,259,261],{"id":132,"name":133,"tactic":246},{"name":42},{"id":149,"name":150,"tactic":248},{"name":147},{"id":153,"name":154,"tactic":250},{"name":147},{"id":157,"name":158,"tactic":252},{"name":160},{"id":162,"name":163,"tactic":254},{"name":165},{"id":167,"name":168,"tactic":256},{"name":165},{"id":171,"name":172,"tactic":258},{"name":165},{"id":188,"name":189,"tactic":260},{"name":186},{"id":196,"name":197,"tactic":262},{"name":75},{"id":264,"name":265,"techniques":266},"CAPEC-384","Application API Message Manipulation via Man-in-the-Middle",[],{"id":268,"name":269,"techniques":270},"CAPEC-385","Transaction or Event Tampering via Application API Manipulation",[],{"id":272,"name":273,"techniques":274},"CAPEC-386","Application API Navigation Remapping",[],{"id":276,"name":277,"techniques":278},"CAPEC-387","Navigation Remapping To Propagate Malicious Content",[],{"id":280,"name":281,"techniques":282},"CAPEC-388","Application API Button Hijacking",[],{"id":284,"name":285,"techniques":286},"CAPEC-510","SaaS User Request Forgery",[],{"id":288,"name":289,"techniques":290},"CAPEC-59","Session Credential Falsification through Prediction",[],{"id":292,"name":293,"techniques":294},"CAPEC-60","Reusing Session IDs (aka Session Replay)",[295,325],{"id":296,"name":297,"tactics":298,"countermeasures":302},"T1134.001","Token Impersonation/Theft",[299,300,301],{"id":101,"name":102},{"id":104,"name":105},{"id":107,"name":108},[303,305,307,309,311,313,315,317,319,321,323],{"id":132,"name":133,"tactic":304},{"name":42},{"id":149,"name":150,"tactic":306},{"name":147},{"id":153,"name":154,"tactic":308},{"name":147},{"id":157,"name":158,"tactic":310},{"name":160},{"id":162,"name":163,"tactic":312},{"name":165},{"id":167,"name":168,"tactic":314},{"name":165},{"id":171,"name":172,"tactic":316},{"name":165},{"id":175,"name":176,"tactic":318},{"name":165},{"id":179,"name":180,"tactic":320},{"name":165},{"id":188,"name":189,"tactic":322},{"name":186},{"id":196,"name":197,"tactic":324},{"name":75},{"id":326,"name":327,"tactics":328,"countermeasures":333},"T1550.004","Web Session Cookie",[329,330],{"id":101,"name":102},{"id":331,"name":332},"TA0109","Lateral Movement",[334,336,338,340,342,344,346,348,350,354,358,360,362,366,370,374,378,380,382,384,386,388,390,392,394,398,400,402,406,410],{"id":39,"name":40,"tactic":335},{"name":42},{"id":44,"name":45,"tactic":337},{"name":42},{"id":48,"name":49,"tactic":339},{"name":42},{"id":52,"name":53,"tactic":341},{"name":42},{"id":56,"name":57,"tactic":343},{"name":42},{"id":60,"name":61,"tactic":345},{"name":42},{"id":64,"name":65,"tactic":347},{"name":42},{"id":68,"name":69,"tactic":349},{"name":42},{"id":351,"name":352,"tactic":353},"D3-PLA","Process Lineage Analysis",{"name":42},{"id":355,"name":356,"tactic":357},"D3-PSMD","Process Self-Modification Detection",{"name":42},{"id":140,"name":141,"tactic":359},{"name":42},{"id":132,"name":133,"tactic":361},{"name":42},{"id":363,"name":364,"tactic":365},"D3-PT","Process Termination",{"name":147},{"id":367,"name":368,"tactic":369},"D3-PS","Process Suspension",{"name":147},{"id":371,"name":372,"tactic":373},"D3-HR","Host Reboot",{"name":147},{"id":375,"name":376,"tactic":377},"D3-HS","Host Shutdown",{"name":147},{"id":149,"name":150,"tactic":379},{"name":147},{"id":153,"name":154,"tactic":381},{"name":147},{"id":157,"name":158,"tactic":383},{"name":160},{"id":162,"name":163,"tactic":385},{"name":165},{"id":167,"name":168,"tactic":387},{"name":165},{"id":171,"name":172,"tactic":389},{"name":165},{"id":188,"name":189,"tactic":391},{"name":186},{"id":72,"name":73,"tactic":393},{"name":75},{"id":395,"name":396,"tactic":397},"D3-KBPI","Kernel-based Process Isolation",{"name":75},{"id":192,"name":193,"tactic":399},{"name":75},{"id":208,"name":209,"tactic":401},{"name":75},{"id":403,"name":404,"tactic":405},"D3-ABPI","Application-based Process Isolation",{"name":75},{"id":407,"name":408,"tactic":409},"D3-WSAM","Web Session Access Mediation",{"name":75},{"id":196,"name":197,"tactic":411},{"name":75},{"id":413,"name":414,"techniques":415},"CAPEC-75","Manipulating Writeable Configuration Files",[],{"id":417,"name":418,"techniques":419},"CAPEC-76","Manipulating Web Input to File System Calls",[],{"id":421,"name":422,"techniques":423},"CAPEC-89","Pharming",[],[425],{"_key":426,"name":427,"source":428,"url":429,"maturity":430,"reliability_score":431,"verified":432,"type":9,"platforms":433,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_F56866D28E8E937F","Exploit Reference (whitesourcesoftware.com)","reference","https://www.whitesourcesoftware.com/resources/blog/maven-security-vulnerability-cve-2021-26291/","unknown",0.2,false,[],[435,436],"GHSA-2f88-5hg8-9x2x","BIT-maven-2021-26291",[],[439,441,443,445,447,449,451,453],{"_key":440},"UBUNTU-CVE-2021-26291",{"_key":442},"OPENSUSE-SU-2024:10687-1",{"_key":444},"MGASA-2023-0230",{"_key":446},"DEBIAN-CVE-2021-26291",{"_key":448},"RHSA-2023:3198",{"_key":450},"RHSA-2024:0776",{"_key":452},"USN-5245-1",{"_key":454},"RHSA-2024:0778",[],[457,458,459],{"_key":442},{"_key":444},{"_key":460},"CGA-96H5-76XJ-QGP8","2021-04-23T14:20:13.000Z","2024-08-03T20:19:20.126Z","Modified",{"cisa_kev":432,"cisa_ransomware":432,"cisa_vendor":9,"epss_severity":465,"epss_score":466,"severity":467,"severity_score":468,"severity_version":469,"severity_source":470,"severity_vector":471,"severity_status":463},"high",0.46101,"critical",9.1,"v3.1","nvd","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",[473,483,488,493,497,501,505,509,513,517,521,525,529,533,537,541,545,549,553,557,561,565,569,573,577,581,585,589,593,597,601,605,609,613,617,621,625,629,633,638,642,646,650,654,659,663,667,671,675,679,683,687,691,695,699,703,707,711,715,719,723,727,731,735,739,743,747,752,756,760,764,768,772,776,780,784,788,792,796,800,804,808,812,816,820,824,828,832,836,840],{"url":474,"sources":475,"tags":478},"https://lists.apache.org/thread.html/r9a027668558264c4897633e66bcb7784099fdec9f9b22c38c2442f00%40%3Cusers.maven.apache.org%3E",[476,470,477],"cve.org","osv_maven",[479,480,481,482],"X Refsource MISC","Mailing List","Vendor Advisory","WEB",{"url":484,"sources":485,"tags":486},"https://lists.apache.org/thread.html/r06db4057b74e0598a412734f693a34a8836ac6f06d16d139e5e1027c%40%3Cdev.maven.apache.org%3E",[476,470],[480,487],"X Refsource MLIST",{"url":489,"sources":490,"tags":491},"http://www.openwall.com/lists/oss-security/2021/04/23/5",[476,470,477],[480,487,492,482],"Third Party Advisory",{"url":494,"sources":495,"tags":496},"https://lists.apache.org/thread.html/r0556ce5db7231025785477739ee416b169d8aff5ee9bac7854d64736%40%3Cannounce.apache.org%3E",[476,470],[480,487],{"url":498,"sources":499,"tags":500},"https://lists.apache.org/thread.html/ra88a0eba7f84658cefcecc0143fd8bbad52c229ee5dfcbfdde7b6457%40%3Cdev.jena.apache.org%3E",[476,470],[480,487],{"url":502,"sources":503,"tags":504},"https://lists.apache.org/thread.html/r3f0450dcab7e63b5f233ccfbc6fca5f1867a75c8aa2493ea82732381%40%3Cdev.jena.apache.org%3E",[476,470],[480,487],{"url":506,"sources":507,"tags":508},"https://lists.apache.org/thread.html/rfc27e2727a20a574f39273e0432aa97486a332f9b3068f6ac1346594%40%3Cdev.myfaces.apache.org%3E",[476,470],[480,487],{"url":510,"sources":511,"tags":512},"https://lists.apache.org/thread.html/r86e1c81e03f441855f127980e9b3d41939d04a7caea2b7ab718e2288%40%3Cjira.kafka.apache.org%3E",[476,470],[480,487],{"url":514,"sources":515,"tags":516},"https://lists.apache.org/thread.html/red3bf6cbfd99e36b0c0a4fa1cea1eef1eb300c6bd8f372f497341265%40%3Cdev.kafka.apache.org%3E",[476,470],[480,487],{"url":518,"sources":519,"tags":520},"https://lists.apache.org/thread.html/r340e75c9bb6e8661b89e1cf2c52f4638a18312e57bd884722bc28f52%40%3Cjira.kafka.apache.org%3E",[476,470],[480,487],{"url":522,"sources":523,"tags":524},"https://lists.apache.org/thread.html/r78fb6d2cf0ca332cfa43abd4471e75fa6c517ed9cdfcb950bff48d40%40%3Cjira.kafka.apache.org%3E",[476,470],[480,487],{"url":526,"sources":527,"tags":528},"https://lists.apache.org/thread.html/r39fa6ec4b7e912d3e04ea68efd23e554ec9c8efa2c96f5b45104fc61%40%3Cjira.kafka.apache.org%3E",[476,470],[480,487],{"url":530,"sources":531,"tags":532},"https://lists.apache.org/thread.html/r30e9fcba679d164158cc26236704c351954909c18cb2485d11038aa6%40%3Cdev.kafka.apache.org%3E",[476,470],[480,487],{"url":534,"sources":535,"tags":536},"https://lists.apache.org/thread.html/rc7ae2530063d1cd1cf8e9fa130d10940760f927168d4063d23b8cd0a%40%3Ccommits.kafka.apache.org%3E",[476,470],[480,487],{"url":538,"sources":539,"tags":540},"https://lists.apache.org/thread.html/r5ae6aaa8a2ce86145225c3516bb45d315c0454e3765d651527e5df8a%40%3Ccommits.kafka.apache.org%3E",[476,470],[480,487],{"url":542,"sources":543,"tags":544},"https://lists.apache.org/thread.html/r0a5e4ff2a7ca7ad8595d7683afbaeb3b8788ba974681907f97e7dc8e%40%3Cjira.kafka.apache.org%3E",[476,470],[480,487],{"url":546,"sources":547,"tags":548},"https://lists.apache.org/thread.html/r86aebd0387ae19b740b3eb28bad83fe6aceca0d6257eaa810a6e0002%40%3Ccommits.kafka.apache.org%3E",[476,470],[480,487],{"url":550,"sources":551,"tags":552},"https://lists.apache.org/thread.html/r2721aba31a8562639c4b937150897e24f78f747cdbda8641c0f659fe%40%3Cusers.kafka.apache.org%3E",[476,470],[480,487],{"url":554,"sources":555,"tags":556},"https://lists.apache.org/thread.html/r71bc13669be84c2ff45b74a67929bc2da905c152e12a39b406e3c2a0%40%3Cissues.karaf.apache.org%3E",[476,470],[480,487],{"url":558,"sources":559,"tags":560},"https://lists.apache.org/thread.html/r53cd5de57aaa126038c5301d8f518f3defab3c5b1c7e17c97bad08d8%40%3Cissues.karaf.apache.org%3E",[476,470],[480,487],{"url":562,"sources":563,"tags":564},"https://lists.apache.org/thread.html/r52c6cda14dc6315dc79e72d30109f4589e9c6300ef6dc1a019da32d4%40%3Cissues.karaf.apache.org%3E",[476,470],[480,487],{"url":566,"sources":567,"tags":568},"https://lists.apache.org/thread.html/r74329c671df713f61ae4620ee2452a0443ccad7f33c60e8ed7d21ff9%40%3Cissues.karaf.apache.org%3E",[476,470],[480,487],{"url":570,"sources":571,"tags":572},"https://lists.apache.org/thread.html/r07a89b32783f73bda6903c1f9aadeb859e5bef0a4daed6d87db8e4a9%40%3Cissues.karaf.apache.org%3E",[476,470],[480,487],{"url":574,"sources":575,"tags":576},"https://lists.apache.org/thread.html/r96cc126d3ee9aa42af9d3bb4baa94828b0a5f656584a50dcc594125f%40%3Cissues.karaf.apache.org%3E",[476,470],[480,487],{"url":578,"sources":579,"tags":580},"https://lists.apache.org/thread.html/ra9d984eccfd2ae7726671e025f0296bf03786e5cdf872138110ac29b%40%3Ccommits.druid.apache.org%3E",[476,470],[480,487],{"url":582,"sources":583,"tags":584},"https://lists.apache.org/thread.html/r0d083314aa3934dd4b6e6970d1f6ee50f6eaa9d867deb2cd96788478%40%3Cjira.kafka.apache.org%3E",[476,470],[480,487],{"url":586,"sources":587,"tags":588},"https://lists.apache.org/thread.html/re75f8b3dbc5faa1640908f87e644d373e00f8b4e6ba3e2ba4bd2c80b%40%3Ccommits.druid.apache.org%3E",[476,470],[480,487],{"url":590,"sources":591,"tags":592},"https://lists.apache.org/thread.html/r08a401f8c98a99f68d061fde6e6659d695f28d60fe4f0413bcb355b0%40%3Ccommits.druid.apache.org%3E",[476,470],[480,487],{"url":594,"sources":595,"tags":596},"https://lists.apache.org/thread.html/rdcbad6d8ce72c79827ed8c635f9a62dd919bb21c94a0b64cab2efc31%40%3Cissues.karaf.apache.org%3E",[476,470],[480,487],{"url":598,"sources":599,"tags":600},"https://lists.apache.org/thread.html/rfc0db1f3c375087e69a239f9284ded72d04fbb55849eadde58fa9dc2%40%3Cissues.karaf.apache.org%3E",[476,470],[480,487],{"url":602,"sources":603,"tags":604},"https://lists.apache.org/thread.html/r77af3ac7c3bfbd5454546e13faf7aec21d627bdcf36c9ca240436b94%40%3Cissues.karaf.apache.org%3E",[476,470],[480,487],{"url":606,"sources":607,"tags":608},"https://lists.apache.org/thread.html/rcd37d9214b08067a2e8f2b5b4fd123a1f8cb6008698d11ef44028c21%40%3Cissues.karaf.apache.org%3E",[476,470],[480,487],{"url":610,"sources":611,"tags":612},"https://lists.apache.org/thread.html/r167dbc42ef7c59802c2ca1ac14735ef9cf687c25208229993d6206fe%40%3Cissues.karaf.apache.org%3E",[476,470],[480,487],{"url":614,"sources":615,"tags":616},"https://lists.apache.org/thread.html/r4e1619cfefcd031fac62064a3858f5c9229eef907bd5d8ef14c594fc%40%3Cissues.karaf.apache.org%3E",[476,470],[480,487],{"url":618,"sources":619,"tags":620},"https://lists.apache.org/thread.html/r2ddabd06d94b60cfb0141e4abb23201c628ab925e30742f61a04d013%40%3Cissues.karaf.apache.org%3E",[476,470],[480,487],{"url":622,"sources":623,"tags":624},"https://lists.apache.org/thread.html/r30a139c165b3da6e0d5536434ab1550534011b1fdfcd2f5d95892c5b%40%3Cissues.karaf.apache.org%3E",[476,470],[480,487],{"url":626,"sources":627,"tags":628},"https://lists.apache.org/thread.html/rf9abfc0223747a56694825c050cc6b66627a293a32ea926b3de22402%40%3Cissues.karaf.apache.org%3E",[476,470],[480,487],{"url":630,"sources":631,"tags":632},"https://lists.apache.org/thread.html/rc9e441c1576bdc4375d32526d5cf457226928e9c87b9f54ded26271c%40%3Cissues.karaf.apache.org%3E",[476,470],[480,487],{"url":634,"sources":635,"tags":636},"https://www.oracle.com/security-alerts/cpuapr2022.html",[476,470,477],[479,637,492,482],"Patch",{"url":639,"sources":640,"tags":641},"https://lists.apache.org/thread.html/r7212b874e575e59d648980d91bc22e684906aee9b211ab92da9591f5%40%3Cdev.kafka.apache.org%3E",[476,470],[479],{"url":643,"sources":644,"tags":645},"https://lists.apache.org/thread.html/rcd6c3a36f1dbc130da1b89d0f320db7040de71661a512695a8d513ac%40%3Cdev.kafka.apache.org%3E",[476,470],[479],{"url":429,"sources":647,"tags":648},[476,470],[479,649,492],"Exploit",{"url":651,"sources":652,"tags":653},"https://www.oracle.com/security-alerts/cpujul2022.html",[476,470,477],[479,482],{"url":655,"sources":656,"tags":657},"https://nvd.nist.gov/vuln/detail/CVE-2021-26291",[477],[658],"Advisory",{"url":660,"sources":661,"tags":662},"https://github.com/apache/maven/commit/899465aeec03753ea91e15a79579eab76369c016",[477],[482],{"url":664,"sources":665,"tags":666},"https://github.com/apache/maven/commit/fa79cb22e456cc65522b5bab8c4240fe08c5775f",[477],[482],{"url":668,"sources":669,"tags":670},"https://lists.apache.org/thread.html/r77af3ac7c3bfbd5454546e13faf7aec21d627bdcf36c9ca240436b94@%3Cissues.karaf.apache.org%3E",[477],[482],{"url":672,"sources":673,"tags":674},"https://lists.apache.org/thread.html/r78fb6d2cf0ca332cfa43abd4471e75fa6c517ed9cdfcb950bff48d40@%3Cjira.kafka.apache.org%3E",[477],[482],{"url":676,"sources":677,"tags":678},"https://lists.apache.org/thread.html/r86aebd0387ae19b740b3eb28bad83fe6aceca0d6257eaa810a6e0002@%3Ccommits.kafka.apache.org%3E",[477],[482],{"url":680,"sources":681,"tags":682},"https://lists.apache.org/thread.html/r86e1c81e03f441855f127980e9b3d41939d04a7caea2b7ab718e2288@%3Cjira.kafka.apache.org%3E",[477],[482],{"url":684,"sources":685,"tags":686},"https://lists.apache.org/thread.html/r96cc126d3ee9aa42af9d3bb4baa94828b0a5f656584a50dcc594125f@%3Cissues.karaf.apache.org%3E",[477],[482],{"url":688,"sources":689,"tags":690},"https://lists.apache.org/thread.html/r9a027668558264c4897633e66bcb7784099fdec9f9b22c38c2442f00@%3Cusers.maven.apache.org%3E",[477],[482],{"url":692,"sources":693,"tags":694},"https://lists.apache.org/thread.html/ra88a0eba7f84658cefcecc0143fd8bbad52c229ee5dfcbfdde7b6457@%3Cdev.jena.apache.org%3E",[477],[482],{"url":696,"sources":697,"tags":698},"https://lists.apache.org/thread.html/ra9d984eccfd2ae7726671e025f0296bf03786e5cdf872138110ac29b@%3Ccommits.druid.apache.org%3E",[477],[482],{"url":700,"sources":701,"tags":702},"https://lists.apache.org/thread.html/rc7ae2530063d1cd1cf8e9fa130d10940760f927168d4063d23b8cd0a@%3Ccommits.kafka.apache.org%3E",[477],[482],{"url":704,"sources":705,"tags":706},"https://lists.apache.org/thread.html/rc9e441c1576bdc4375d32526d5cf457226928e9c87b9f54ded26271c@%3Cissues.karaf.apache.org%3E",[477],[482],{"url":708,"sources":709,"tags":710},"https://lists.apache.org/thread.html/rcd37d9214b08067a2e8f2b5b4fd123a1f8cb6008698d11ef44028c21@%3Cissues.karaf.apache.org%3E",[477],[482],{"url":712,"sources":713,"tags":714},"https://lists.apache.org/thread.html/rcd6c3a36f1dbc130da1b89d0f320db7040de71661a512695a8d513ac@%3Cdev.kafka.apache.org%3E",[477],[482],{"url":716,"sources":717,"tags":718},"https://lists.apache.org/thread.html/rdcbad6d8ce72c79827ed8c635f9a62dd919bb21c94a0b64cab2efc31@%3Cissues.karaf.apache.org%3E",[477],[482],{"url":720,"sources":721,"tags":722},"https://lists.apache.org/thread.html/re75f8b3dbc5faa1640908f87e644d373e00f8b4e6ba3e2ba4bd2c80b@%3Ccommits.druid.apache.org%3E",[477],[482],{"url":724,"sources":725,"tags":726},"https://lists.apache.org/thread.html/red3bf6cbfd99e36b0c0a4fa1cea1eef1eb300c6bd8f372f497341265@%3Cdev.kafka.apache.org%3E",[477],[482],{"url":728,"sources":729,"tags":730},"https://lists.apache.org/thread.html/rf9abfc0223747a56694825c050cc6b66627a293a32ea926b3de22402@%3Cissues.karaf.apache.org%3E",[477],[482],{"url":732,"sources":733,"tags":734},"https://lists.apache.org/thread.html/rfc0db1f3c375087e69a239f9284ded72d04fbb55849eadde58fa9dc2@%3Cissues.karaf.apache.org%3E",[477],[482],{"url":736,"sources":737,"tags":738},"https://lists.apache.org/thread.html/rfc27e2727a20a574f39273e0432aa97486a332f9b3068f6ac1346594@%3Cdev.myfaces.apache.org%3E",[477],[482],{"url":740,"sources":741,"tags":742},"https://maven.apache.org/docs/3.8.1/release-notes.html",[477],[482],{"url":744,"sources":745,"tags":746},"https://www.whitesourcesoftware.com/resources/blog/maven-security-vulnerability-cve-2021-26291",[477],[482],{"url":748,"sources":749,"tags":750},"https://github.com/apache/maven",[477],[751],"PACKAGE",{"url":753,"sources":754,"tags":755},"https://issues.apache.org/jira/browse/MNG-7116",[477],[482],{"url":757,"sources":758,"tags":759},"https://issues.apache.org/jira/browse/MNG-7117",[477],[482],{"url":761,"sources":762,"tags":763},"https://lists.apache.org/thread.html/r0556ce5db7231025785477739ee416b169d8aff5ee9bac7854d64736@%3Cannounce.apache.org%3E",[477],[482],{"url":765,"sources":766,"tags":767},"https://lists.apache.org/thread.html/r06db4057b74e0598a412734f693a34a8836ac6f06d16d139e5e1027c@%3Cdev.maven.apache.org%3E",[477],[482],{"url":769,"sources":770,"tags":771},"https://lists.apache.org/thread.html/r07a89b32783f73bda6903c1f9aadeb859e5bef0a4daed6d87db8e4a9@%3Cissues.karaf.apache.org%3E",[477],[482],{"url":773,"sources":774,"tags":775},"https://lists.apache.org/thread.html/r08a401f8c98a99f68d061fde6e6659d695f28d60fe4f0413bcb355b0@%3Ccommits.druid.apache.org%3E",[477],[482],{"url":777,"sources":778,"tags":779},"https://lists.apache.org/thread.html/r0a5e4ff2a7ca7ad8595d7683afbaeb3b8788ba974681907f97e7dc8e@%3Cjira.kafka.apache.org%3E",[477],[482],{"url":781,"sources":782,"tags":783},"https://lists.apache.org/thread.html/r0d083314aa3934dd4b6e6970d1f6ee50f6eaa9d867deb2cd96788478@%3Cjira.kafka.apache.org%3E",[477],[482],{"url":785,"sources":786,"tags":787},"https://lists.apache.org/thread.html/r167dbc42ef7c59802c2ca1ac14735ef9cf687c25208229993d6206fe@%3Cissues.karaf.apache.org%3E",[477],[482],{"url":789,"sources":790,"tags":791},"https://lists.apache.org/thread.html/r2721aba31a8562639c4b937150897e24f78f747cdbda8641c0f659fe@%3Cusers.kafka.apache.org%3E",[477],[482],{"url":793,"sources":794,"tags":795},"https://lists.apache.org/thread.html/r2ddabd06d94b60cfb0141e4abb23201c628ab925e30742f61a04d013@%3Cissues.karaf.apache.org%3E",[477],[482],{"url":797,"sources":798,"tags":799},"https://lists.apache.org/thread.html/r30a139c165b3da6e0d5536434ab1550534011b1fdfcd2f5d95892c5b@%3Cissues.karaf.apache.org%3E",[477],[482],{"url":801,"sources":802,"tags":803},"https://lists.apache.org/thread.html/r30e9fcba679d164158cc26236704c351954909c18cb2485d11038aa6@%3Cdev.kafka.apache.org%3E",[477],[482],{"url":805,"sources":806,"tags":807},"https://lists.apache.org/thread.html/r340e75c9bb6e8661b89e1cf2c52f4638a18312e57bd884722bc28f52@%3Cjira.kafka.apache.org%3E",[477],[482],{"url":809,"sources":810,"tags":811},"https://lists.apache.org/thread.html/r39fa6ec4b7e912d3e04ea68efd23e554ec9c8efa2c96f5b45104fc61@%3Cjira.kafka.apache.org%3E",[477],[482],{"url":813,"sources":814,"tags":815},"https://lists.apache.org/thread.html/r3f0450dcab7e63b5f233ccfbc6fca5f1867a75c8aa2493ea82732381@%3Cdev.jena.apache.org%3E",[477],[482],{"url":817,"sources":818,"tags":819},"https://lists.apache.org/thread.html/r4e1619cfefcd031fac62064a3858f5c9229eef907bd5d8ef14c594fc@%3Cissues.karaf.apache.org%3E",[477],[482],{"url":821,"sources":822,"tags":823},"https://lists.apache.org/thread.html/r52c6cda14dc6315dc79e72d30109f4589e9c6300ef6dc1a019da32d4@%3Cissues.karaf.apache.org%3E",[477],[482],{"url":825,"sources":826,"tags":827},"https://lists.apache.org/thread.html/r53cd5de57aaa126038c5301d8f518f3defab3c5b1c7e17c97bad08d8@%3Cissues.karaf.apache.org%3E",[477],[482],{"url":829,"sources":830,"tags":831},"https://lists.apache.org/thread.html/r5ae6aaa8a2ce86145225c3516bb45d315c0454e3765d651527e5df8a@%3Ccommits.kafka.apache.org%3E",[477],[482],{"url":833,"sources":834,"tags":835},"https://lists.apache.org/thread.html/r71bc13669be84c2ff45b74a67929bc2da905c152e12a39b406e3c2a0@%3Cissues.karaf.apache.org%3E",[477],[482],{"url":837,"sources":838,"tags":839},"https://lists.apache.org/thread.html/r7212b874e575e59d648980d91bc22e684906aee9b211ab92da9591f5@%3Cdev.kafka.apache.org%3E",[477],[482],{"url":841,"sources":842,"tags":843},"https://lists.apache.org/thread.html/r74329c671df713f61ae4620ee2452a0443ccad7f33c60e8ed7d21ff9@%3Cissues.karaf.apache.org%3E",[477],[482],[],{"date":846,"score":466,"percentile":847},"2026-06-04",0.97704,[849,853,855,858,861,863,865,867,869,872,874,876,878,880,882,886,889,892,894,897,899,901,903,905,908,912,916,919,923,926,928,931,933,936,939,942,944,947,950,953,956,958,960,963,966,969,971,974,976,978,980,983,986,989,992,994,997,999,1002,1005,1008,1010,1013,1016,1018,1020,1023,1026,1028,1030,1032,1035,1039,1042,1045,1049,1052,1055,1058,1060,1063,1066,1069,1072,1074,1076,1079,1081,1083,1086],{"date":850,"score":851,"percentile":852},"2025-11-04",0.45481,0.97456,{"date":854,"score":851,"percentile":852},"2025-11-05",{"date":856,"score":851,"percentile":857},"2025-11-06",0.97455,{"date":859,"score":851,"percentile":860},"2025-11-07",0.97457,{"date":862,"score":851,"percentile":857},"2025-11-08",{"date":864,"score":851,"percentile":857},"2025-11-09",{"date":866,"score":851,"percentile":852},"2025-11-10",{"date":868,"score":851,"percentile":852},"2025-11-11",{"date":870,"score":851,"percentile":871},"2025-11-12",0.97459,{"date":873,"score":851,"percentile":871},"2025-11-13",{"date":875,"score":851,"percentile":871},"2025-11-14",{"date":877,"score":851,"percentile":860},"2025-11-15",{"date":879,"score":851,"percentile":871},"2025-11-16",{"date":881,"score":851,"percentile":871},"2025-11-17",{"date":883,"score":884,"percentile":885},"2025-11-18",0.06949,0.90521,{"date":887,"score":884,"percentile":888},"2025-11-19",0.90525,{"date":890,"score":884,"percentile":891},"2025-11-20",0.9053,{"date":893,"score":851,"percentile":857},"2025-11-21",{"date":895,"score":851,"percentile":896},"2025-11-22",0.97454,{"date":898,"score":851,"percentile":896},"2025-11-23",{"date":900,"score":851,"percentile":852},"2025-11-24",{"date":902,"score":851,"percentile":860},"2025-11-25",{"date":904,"score":851,"percentile":852},"2025-11-26",{"date":906,"score":851,"percentile":907},"2025-11-27",0.97458,{"date":909,"score":910,"percentile":911},"2025-11-28",0.37293,0.96991,{"date":913,"score":914,"percentile":915},"2025-11-29",0.3955,0.97128,{"date":917,"score":914,"percentile":918},"2025-11-30",0.97126,{"date":920,"score":921,"percentile":922},"2025-12-01",0.47778,0.97591,{"date":924,"score":921,"percentile":925},"2025-12-02",0.9759,{"date":927,"score":921,"percentile":922},"2025-12-03",{"date":929,"score":914,"percentile":930},"2025-12-04",0.9713,{"date":932,"score":914,"percentile":930},"2025-12-05",{"date":934,"score":914,"percentile":935},"2025-12-06",0.97131,{"date":937,"score":914,"percentile":938},"2025-12-07",0.97132,{"date":940,"score":914,"percentile":941},"2025-12-08",0.97134,{"date":943,"score":914,"percentile":941},"2025-12-09",{"date":945,"score":914,"percentile":946},"2025-12-10",0.97139,{"date":948,"score":914,"percentile":949},"2025-12-11",0.97141,{"date":951,"score":914,"percentile":952},"2025-12-12",0.97142,{"date":954,"score":914,"percentile":955},"2025-12-13",0.97144,{"date":957,"score":914,"percentile":952},"2025-12-14",{"date":959,"score":914,"percentile":955},"2025-12-15",{"date":961,"score":914,"percentile":962},"2025-12-16",0.97146,{"date":964,"score":914,"percentile":965},"2025-12-17",0.9715,{"date":967,"score":914,"percentile":968},"2025-12-18",0.97148,{"date":970,"score":914,"percentile":965},"2025-12-19",{"date":972,"score":914,"percentile":973},"2025-12-20",0.97149,{"date":975,"score":914,"percentile":968},"2025-12-21",{"date":977,"score":914,"percentile":968},"2025-12-22",{"date":979,"score":914,"percentile":965},"2025-12-23",{"date":981,"score":914,"percentile":982},"2025-12-24",0.97152,{"date":984,"score":914,"percentile":985},"2025-12-25",0.97155,{"date":987,"score":914,"percentile":988},"2025-12-26",0.97156,{"date":990,"score":914,"percentile":991},"2025-12-27",0.97181,{"date":993,"score":914,"percentile":988},"2025-12-28",{"date":995,"score":914,"percentile":996},"2025-12-29",0.97158,{"date":998,"score":914,"percentile":996},"2025-12-30",{"date":1000,"score":914,"percentile":1001},"2025-12-31",0.97163,{"date":1003,"score":921,"percentile":1004},"2026-01-01",0.97616,{"date":1006,"score":921,"percentile":1007},"2026-01-02",0.97617,{"date":1009,"score":921,"percentile":1007},"2026-01-03",{"date":1011,"score":914,"percentile":1012},"2026-01-04",0.97165,{"date":1014,"score":914,"percentile":1015},"2026-01-05",0.97167,{"date":1017,"score":914,"percentile":1015},"2026-01-06",{"date":1019,"score":914,"percentile":1015},"2026-01-07",{"date":1021,"score":914,"percentile":1022},"2026-01-08",0.97168,{"date":1024,"score":914,"percentile":1025},"2026-01-09",0.9717,{"date":1027,"score":914,"percentile":1025},"2026-01-10",{"date":1029,"score":914,"percentile":1025},"2026-01-11",{"date":1031,"score":914,"percentile":1025},"2026-01-12",{"date":1033,"score":914,"percentile":1034},"2026-01-13",0.97171,{"date":1036,"score":1037,"percentile":1038},"2026-01-14",0.37804,0.97077,{"date":1040,"score":1037,"percentile":1041},"2026-01-15",0.97078,{"date":1043,"score":1037,"percentile":1044},"2026-01-16",0.97081,{"date":1046,"score":1047,"percentile":1048},"2026-01-17",0.44323,0.97441,{"date":1050,"score":1047,"percentile":1051},"2026-01-18",0.97438,{"date":1053,"score":1047,"percentile":1054},"2026-01-19",0.97439,{"date":1056,"score":1047,"percentile":1057},"2026-01-20",0.9744,{"date":1059,"score":1047,"percentile":1048},"2026-01-21",{"date":1061,"score":1047,"percentile":1062},"2026-01-22",0.97442,{"date":1064,"score":1047,"percentile":1065},"2026-01-23",0.97445,{"date":1067,"score":1047,"percentile":1068},"2026-01-24",0.97446,{"date":1070,"score":1047,"percentile":1071},"2026-01-25",0.97444,{"date":1073,"score":1047,"percentile":1068},"2026-01-26",{"date":1075,"score":1047,"percentile":1068},"2026-01-27",{"date":1077,"score":1047,"percentile":1078},"2026-01-28",0.97448,{"date":1080,"score":1047,"percentile":1078},"2026-01-29",{"date":1082,"score":1047,"percentile":1078},"2026-01-30",{"date":1084,"score":1047,"percentile":1085},"2026-01-31",0.97449,{"date":1087,"score":1088,"percentile":1089},"2026-02-01",0.52507,0.97866,[1091,1100],{"source":470,"cvss_v2_0":1092,"cvss_v3_0":9,"cvss_v3_1":1097,"cvss_v4_0":9},{"baseScore":1093,"baseSeverity":9,"vectorString":1094,"impactScore":1095,"exploitabilityScore":1096},6.4,"AV:N/AC:L/Au:N/C:P/I:P/A:N",4.9,10,{"baseScore":468,"baseSeverity":1098,"vectorString":471,"impactScore":1099,"exploitabilityScore":1096},"CRITICAL",8.7,{"source":477,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":1101,"cvss_v4_0":9},{"baseScore":468,"baseSeverity":9,"vectorString":471,"impactScore":1099,"exploitabilityScore":1096},[1103,1114,1122,1131,1136,1149,1155],{"ecosystem":9,"name":1104,"vendor":1105,"product":1106,"cpe_part":1107,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":1108},"Apache Maven","apache software foundation","apache maven","a",[1109],{"version":1110,"is_range":1111,"range_type":476,"version_start":1104,"version_start_type":1112,"version_end":1113,"version_end_type":1112,"fixed_in":9},">= Apache Maven, \u003C= 3.8.1",true,"including","3.8.1",{"ecosystem":9,"name":1115,"vendor":1116,"product":1115,"cpe_part":1107,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":1117},"maven","apache",[1118],{"version":1119,"is_range":1111,"range_type":1120,"version_start":9,"version_start_type":9,"version_end":1113,"version_end_type":1121,"fixed_in":9},"lt3.8.1","cpe","excluding",{"ecosystem":1123,"name":1124,"vendor":1125,"product":1126,"cpe_part":9,"purl_type":1115,"purl_namespace":1125,"purl_name":1126,"source":9,"versions":1127},"Maven","org.apache.maven:maven-compat","org.apache.maven","maven-compat",[1128],{"version":1129,"is_range":1111,"range_type":1130,"version_start":9,"version_start_type":9,"version_end":1113,"version_end_type":1121,"fixed_in":9},"lt3_8_1","ecosystem",{"ecosystem":1123,"name":1132,"vendor":1125,"product":1133,"cpe_part":9,"purl_type":1115,"purl_namespace":1125,"purl_name":1133,"source":9,"versions":1134},"org.apache.maven:maven-core","maven-core",[1135],{"version":1129,"is_range":1111,"range_type":1130,"version_start":9,"version_start_type":9,"version_end":1113,"version_end_type":1121,"fixed_in":9},{"ecosystem":9,"name":1137,"vendor":1138,"product":1139,"cpe_part":1107,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":1140},"financial services analytical applications infrastructure","oracle","financial_services_analytical_applications_infrastructure",[1141,1145],{"version":1142,"is_range":1111,"range_type":1120,"version_start":1143,"version_start_type":1112,"version_end":1144,"version_end_type":1112,"fixed_in":9},"gte8.0.6.0.0_lte8.0.9.0.0","8.0.6.0.0","8.0.9.0.0",{"version":1146,"is_range":1111,"range_type":1120,"version_start":1147,"version_start_type":1112,"version_end":1148,"version_end_type":1112,"fixed_in":9},"gte8.1.0.0.0_lte8.1.20","8.1.0.0.0","8.1.2.0",{"ecosystem":9,"name":1150,"vendor":1138,"product":1151,"cpe_part":1107,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":1152},"goldengate big data and application adapters","goldengate_big_data_and_application_adapters",[1153],{"version":1154,"is_range":432,"range_type":1120,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"23.1",{"ecosystem":9,"name":1156,"vendor":1156,"product":1156,"cpe_part":1107,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":1157},"quarkus",[1158],{"version":1159,"is_range":1111,"range_type":1120,"version_start":9,"version_start_type":9,"version_end":1160,"version_end_type":1121,"fixed_in":9},"lt1.13.5","1.13.5"]