Описание
Important: maven:3.5 security update
The Apache Maven Shared Utils project aims to be an improved functional replacement for plexus-utils in Maven.
Security Fix(es):
- maven-shared-utils: Command injection via Commandline class (CVE-2022-29599)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Затронутые продукты
Rocky Linux 8
Связанные CVE
Исправления
- Red Hat - 2066479
Связанные уязвимости
In Apache Maven maven-shared-utils prior to version 3.3.3, the Commandline class can emit double-quoted strings without proper escaping, allowing shell injection attacks.
In Apache Maven maven-shared-utils prior to version 3.3.3, the Commandline class can emit double-quoted strings without proper escaping, allowing shell injection attacks.
In Apache Maven maven-shared-utils prior to version 3.3.3, the Commandline class can emit double-quoted strings without proper escaping, allowing shell injection attacks.
In Apache Maven maven-shared-utils prior to version 3.3.3, the Command ...
