F5F5:K97399672

HistoryJun 02, 2022 - 12:00 a.m.

K97399672 : Apache Maven vulnerability CVE-2022-29599

2022-06-0200:00:00

my.f5.com

apache maven

commandline class

vulnerability

cve-2022-29599

AI Score

9.5

Confidence

High

EPSS

0.025

Percentile

90.2%

JSON

Security Advisory Description

In Apache Maven maven-shared-utils prior to version 3.3.3, the Commandline class can emit double-quoted strings without proper escaping, allowing shell injection attacks. (CVE-2022-29599)

Impact

There is no impact; F5 products are not affected by this vulnerability.

github

Command injection in Apache Maven maven-shared-utils

2022-05-24 00:01:49

osv

Important: maven:3.5 security update

2022-05-30 11:39:15

maven-shared-utils - security update

2022-06-26 00:00:00

Important: maven:3.6 security update

2022-05-30 11:39:17

oraclelinux

maven-shared-utils security update

2022-04-29 00:00:00

maven:3.6 security update

2022-06-01 00:00:00

maven:3.5 security update

2022-06-01 00:00:00

nessus

Debian DSA-5242-1 : maven-shared-utils - security update

2022-09-29 00:00:00

Amazon Linux 2022 : (ALAS2022-2022-060)

2022-09-06 00:00:00

Oracle Linux 8 : maven:3.5 (ELSA-2022-4798)

2022-06-01 00:00:00

cve

CVE-2022-29599

2022-05-23 11:16:10

redhat

(RHSA-2023:0573) Important: OpenShift Container Platform 4.9.55 security update

2023-02-09 12:43:43

(RHSA-2022:1541) Important: maven-shared-utils security update

2022-04-26 09:54:25

(RHSA-2022:1662) Important: rh-maven36-maven-shared-utils security update

2022-05-02 07:48:12

cvelist

CVE-2022-29599 Commandline class shell injection vulnerabilities

2022-05-23 10:25:10

ubuntucve

CVE-2022-29599

2022-05-23 00:00:00

ubuntu

Apache Maven Shared Utils vulnerability

2024-04-11 00:00:00

veracode

OS Command Injection

2022-05-24 06:21:27

almalinux

Important: maven:3.5 security update

2022-05-30 11:39:15

Important: maven:3.6 security update

2022-05-30 11:39:17

openvas

Debian: Security Advisory (DLA-3059-1)

2022-06-30 00:00:00

Fedora: Security Advisory for maven-shared-utils (FEDORA-2022-5d6aaab56e)

2022-05-09 00:00:00

Debian: Security Advisory (DLA-3086-1)

2022-08-30 00:00:00

cnvd

Apache Maven Command Injection Vulnerability

2022-04-28 00:00:00

debian

[SECURITY] [DLA 3059-1] maven-shared-utils security update

2022-06-29 10:49:00

[SECURITY] [DLA 3086-1] maven-shared-utils security update

2022-08-29 12:49:12

[SECURITY] [DSA 5242-1] maven-shared-utils security update

2022-09-28 13:04:18

fedora

[SECURITY] Fedora 34 Update: maven-shared-utils-3.2.1-0.9.fc34

2022-05-08 02:04:08

redhatcve

CVE-2022-29599

2022-04-25 12:22:15

prion

Design/Logic Flaw

2022-05-23 11:16:00

nvd

CVE-2022-29599

2022-05-23 11:16:10

rocky

maven:3.5 security update

2022-05-30 11:39:15

maven:3.6 security update

2022-05-30 11:39:17

debiancve

CVE-2022-29599

2022-05-23 11:16:10

amazon

Critical: maven-shared-utils

2022-05-04 01:01:00

qualysblog

Oracle Patch Tuesday April 2023 Security Update Review

2023-04-19 11:47:21

Oracle Patch Tuesday, October 2023 Security Update Review

2023-10-18 17:11:20

ibm

Security Bulletin: Multiple vulnerabilities affect the IBM App Connect Enterprise Toolkit and the IBM Integration Bus Toolkit

2023-06-30 09:23:53

oracle

Oracle Critical Patch Update Advisory - October 2023

2023-10-17 00:00:00

Oracle Critical Patch Update Advisory - April 2023

2023-04-18 00:00:00

K97399672 : Apache Maven vulnerability CVE-2022-29599

Security Advisory Description

Related