Skip to main content

Maven Shared Utils

1 CVEs product

Monthly

CVE-2022-29599 Maven CRITICAL PATCH Act Now

In Apache Maven maven-shared-utils prior to version 3.3.3, the Commandline class can emit double-quoted strings without proper escaping, allowing shell injection attacks. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Apache Code Injection Maven Shared Utils Debian Linux
NVD GitHub
CVSS 3.1
9.8
EPSS
4.0%
EPSS 4% CVSS 9.8
CRITICAL PATCH Act Now

In Apache Maven maven-shared-utils prior to version 3.3.3, the Commandline class can emit double-quoted strings without proper escaping, allowing shell injection attacks. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Apache Code Injection Maven Shared Utils +1
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy