CVE-2022-29599

Опубликовано: 23 мая 2022

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 7.5

CVSS3: 9.8

Описание

In Apache Maven maven-shared-utils prior to version 3.3.3, the Commandline class can emit double-quoted strings without proper escaping, allowing shell injection attacks.

Релиз	Статус	Примечание
bionic	ignored	end of standard support, was needs-triage
devel	not-affected
esm-apps/bionic	released	3.3.0-1ubuntu0.18.04.1~esm1
esm-apps/focal	released	3.3.0-1ubuntu0.20.04.1
esm-apps/jammy	released	3.3.0-1ubuntu0.22.04.1
esm-apps/xenial	released	0.9-1ubuntu0.1~esm1
esm-infra-legacy/trusty	not-affected	0.4-1ubuntu0.1~esm1
focal	released	3.3.0-1ubuntu0.20.04.1
impish	ignored	end of life
jammy	released	3.3.0-1ubuntu0.22.04.1

Показывать по

Ссылки на источники

EPSS

Процентиль: 59%

0.00395

Низкий

7.5 High

CVSS2

9.8 Critical

CVSS3

Связанные уязвимости

CVE-2022-29599

CVSS3: 9.8

redhat

около 5 лет назад

In Apache Maven maven-shared-utils prior to version 3.3.3, the Commandline class can emit double-quoted strings without proper escaping, allowing shell injection attacks.

CVE-2022-29599

CVSS3: 9.8

nvd

около 3 лет назад

In Apache Maven maven-shared-utils prior to version 3.3.3, the Commandline class can emit double-quoted strings without proper escaping, allowing shell injection attacks.

CVE-2022-29599

CVSS3: 9.8

debian

около 3 лет назад

In Apache Maven maven-shared-utils prior to version 3.3.3, the Command ...

ROS-20240503-19

CVSS3: 9.8

redos

около 1 года назад

Уязвимость maven-shared-utils

RLSA-2022:4798

rocky

около 3 лет назад

Important: maven:3.5 security update

EPSS

Процентиль: 59%

0.00395

Низкий

7.5 High

CVSS2

9.8 Critical

CVSS3

CVE-2022-29599

Описание

Пакет maven-shared-utils

Ссылки на источники

Связанные уязвимости