41 matches found
ROOT-APP-MAVEN-CVE-2022-29599 CVE-2022-29599 in io.root.org.apache.maven.shared:maven-shared-utils - Patched by Root
Root has patched CVE-2022-29599 in the io.root.org.apache.maven.shared:maven-shared-utils package for Root:Maven. Multiple fixed versions available...
MiracleLinux 8 : maven:3.5 (AXSA:2022-3741:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3741:01 advisory. maven-shared-utils: Command injection via Commandline class CVE-2022-29599 Tenable has extracted the preceding description block directly from the MiracleLin...
MiracleLinux 8 : maven:3.6 (AXSA:2022-3738:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3738:01 advisory. maven-shared-utils: Command injection via Commandline class CVE-2022-29599 Tenable has extracted the preceding description block directly from the MiracleLin...
Security Bulletin: Vulnerabilities in Maven affect IBM watsonx.data
Summary Apache Maven could allow a remote attacker to either bypass security restrictions or to execute arbitrary commands on the system. These can affect IBM watsonx.data. Vulnerability Details CVEID:CVE-2021-26291 DESCRIPTION: Apache Maven could allow a remote attacker to bypass security...
RHEL 8 : Red Hat Product OCP Tools 4.13 OpenShift Jenkins (RHSA-2023:6179)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:6179 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cro...
RHEL 8 : jenkins and jenkins-2-plugins (RHSA-2024:0777)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0777 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cro...
RHEL 8 : jenkins and jenkins-2-plugins (RHSA-2023:3198)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3198 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cro...
RHEL 8 : Red Hat Product OCP Tools 4.14 Openshift Jenkins (RHSA-2023:7288)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7288 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cro...
RHCOS 4 : OpenShift Container Platform 4.10.46 (RHSA-2022:9098)
The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:9098 advisory. - maven-shared-utils: Command injection via Commandline class CVE-2022-29599 Note that Nessus has not tested for this issue but has instead...
Critical: Red Hat Security Advisory: Red Hat Product OCP Tools 4.13 OpenShift Jenkins security update
An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.13. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Critical: Red Hat Security Advisory: Red Hat Product OCP Tools 4.11 Openshift Jenkins security update
An update for Openshift Jenkins is now available for Red Hat Product OCP Tools 4.11. Red Hat Product Security has rated this update as having a security impact of important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Oracle WebLogic Server (October 2023 CPU)
The version of Oracle WebLogic Server installed on the remote host is missing a security patch from the October 2023 Critical Patch Update CPU. It is, therefore, affected by multiple vulnerabilities, including: - Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware...
Security Bulletin: Multiple vulnerabilities affect the IBM App Connect Enterprise Toolkit and the IBM Integration Bus Toolkit
Summary The IBM App Connect Enterprise Toolkit and the IBM Integration Bus Toolkit are vulnerable, as per the CVEs listed in the Vulnerability Details section. These vulnerabilities affect some development tasks in the product toolkit. CVE-2022-29599 and CVE-2020-10683 only affect Test and Java...
Critical: maven-shared-utils
Issue Overview: org.apache.maven.shared:maven-shared-utils is a functional replacement for plexus-utils in Maven. Affected versions of this package are vulnerable to Command Injection. The Commandline class can emit double-quoted strings without proper escaping, allowing shell injection attacks...
Amazon Linux 2023 : maven-shared-utils, maven-shared-utils-javadoc (ALAS2023-2023-077)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-077 advisory. org.apache.maven.shared:maven-shared-utils is a functional replacement for plexus-utils in Maven. Affected versions of this package are vulnerable to Command Injection. The Commandline class can emit...
K97399672: Apache Maven vulnerability CVE-2022-29599
Security Advisory Description In Apache Maven maven-shared-utils prior to version 3.3.3, the Commandline class can emit double-quoted strings without proper escaping, allowing shell injection attacks. CVE-2022-29599 Impact There is no impact; F5 products are not affected by this vulnerability...
SUSE CVE-2022-29599
In Apache Maven maven-shared-utils prior to version 3.3.3, the Commandline class can emit double-quoted strings without proper escaping, allowing shell injection attacks...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.9.55 security update
Red Hat OpenShift Container Platform release 4.9.55 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, whic...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.10.46 packages and security update
Red Hat OpenShift Container Platform release 4.10.46 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, whi...
Amazon Linux 2022 : maven-shared-utils (ALAS2022-2022-242)
The version of maven-shared-utils installed on the remote host is prior to 3.3.4-4. It is, therefore, affected by a vulnerability as referenced in the ALAS2022-2022-242 advisory. - In Apache Maven maven-shared-utils prior to version 3.3.3, the Commandline class can emit double-quoted strings...