Debian Bug report logs -
#1012314
maven-shared-utils: CVE-2022-29599
Package:
src:maven-shared-utils;
Maintainer for src:maven-shared-utils is Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org>;
Reported by: Salvatore Bonaccorso <carnil@debian.org>
Date: Fri, 3 Jun 2022 19:15:01 UTC
Severity: imp ...
It was discovered that the Commandline class in maven-shared-utils, a
collection of various utility classes for the Maven build system, can
emit double-quoted strings without proper escaping, allowing shell
injection attacks.
For the stable distribution (bullseye), this problem has been fixed in
version 3.3.0-1+deb11u1.
We recommend that you upgrad ...
org.apache.maven.shared:maven-shared-utils is a functional replacement for plexus-utils in Maven. Affected versions of this package are vulnerable to Command Injection. The Commandline class can emit double-quoted strings without proper escaping, allowing shell injection attacks. The BourneShell class should unconditionally single-quote emitted str ...
Synopsis
Important: maven:3.5 security update
Type/Severity
Security Advisory: Important
Topic
An update for the maven:3.5 module is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat ...
Synopsis
Important: maven-shared-utils security update
Type/Severity
Security Advisory: Important
Topic
An update for maven-shared-utils is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a ...
Synopsis
Important: OpenShift Container Platform 4.10.46 packages and security update
Type/Severity
Security Advisory: Important
Topic
Red Hat OpenShift Container Platform release 4.10.46 is now available with updates to p ...
Synopsis
Important: jenkins and jenkins-2-plugins security update
Type/Severity
Security Advisory: Important
Topic
An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for ...
Synopsis
Important: maven:3.5 security update
Type/Severity
Security Advisory: Important
Topic
An update for the maven:3.5 module is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 8.2 Extended Updat ...
Synopsis
Critical: jenkins and jenkins-2-plugins security update
Type/Severity
Security Advisory: Critical
Topic
An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for O ...
Synopsis
Important: maven:3.6 security update
Type/Severity
Security Advisory: Important
Topic
An update for the maven:3.6 module is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 8.2 Extended Updat ...
Synopsis
Important: jenkins and jenkins-2-plugins security update
Type/Severity
Security Advisory: Important
Topic
An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for ...
Synopsis
Moderate: OpenShift Container Platform 3.11.705 security update
Type/Severity
Security Advisory: Moderate
Topic
Red Hat OpenShift Container Platform release 3.11.705 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Pl ...
Synopsis
Important: OpenShift Container Platform 4.9.55 security update
Type/Severity
Security Advisory: Important
Topic
Red Hat OpenShift Container Platform release 4.9.55 is now available with updates to packages and ima ...
Synopsis
Important: rh-maven36-maven-shared-utils security update
Type/Severity
Security Advisory: Important
Topic
An update for rh-maven36-maven-shared-utils is now available for Red Hat Software Collections. Red Hat Produ ...
Synopsis
Important: jenkins and jenkins-2-plugins security update
Type/Severity
Security Advisory: Important
Topic
An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for ...
Synopsis
Important: jenkins and jenkins-2-plugins security update
Type/Severity
Security Advisory: Important
Topic
An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for ...
Synopsis
Important: Jenkins and Jenkins-2-plugins security update
Type/Severity
Security Advisory: Important
Topic
An update for Jenkins and Jenkins-2-plugins is now available for OpenShift Developer Tools and Services for ...
Synopsis
Important: jenkins and jenkins-2-plugins security update
Type/Severity
Security Advisory: Important
Topic
An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for ...
The Commandline class in maven-shared-utils can emit double-quoted strings without proper escaping, allowing shell injection attacks ...
ALAS-2022-242
Amazon Linux 2022 Security Advisory: ALAS-2022-242
Advisory Release Date: 2022-12-06 16:43 Pacific
...