Dependency Confusion Vulnerability Found in Apache Project
Dependency Confusion Vulnerability Found in Apache Project
22 April 2024
The exploit occurs when referencing a private/local package, which inadvertently fetches a malicious package similarly named from the public registry due to misconfigurations in package managers.