Ubuntu Security Notice 5805-1 - It was discovered that Apache Maven followed repositories that are defined in a dependency’s Project Object Model even if the repositories weren't encryptedh. An attacker could use this vulnerability to take over a repository, execute arbitrary code or cause a denial of service.
a994e0c1fd7836e3a9df4f7c9e76467190a7cd448ff3e20b7b5b49e5f7837ec3