Dependency Confusion Vulnerability Found in Apache Project

This occurs when a private package fetches a similar public one, leading to exploit due to misconfigurations in package managers