934 matches found
AZL-9967 CVE-2022-2068 affecting package openssl for versions less than 1.1.1k-17
In addition to the crehash shell command injection identified in CVE-2022-1292, further circumstances where the crehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there...
DEBIAN-CVE-2022-2068
In addition to the crehash shell command injection identified in CVE-2022-1292, further circumstances where the crehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there...
AlmaLinux 8 : maven:3.6 (ALSA-2022:4797)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:4797 advisory. maven-shared-utils: Command injection via Commandline class CVE-2022-29599 Tenable has extracted the preceding description block directly from the AlmaLinux securi...
AlmaLinux 8 : maven:3.5 (ALSA-2022:4798)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:4798 advisory. maven-shared-utils: Command injection via Commandline class CVE-2022-29599 Tenable has extracted the preceding description block directly from the AlmaLinux securi...
Oracle Linux 8 : maven:3.6 (ELSA-2022-4797)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-4797 advisory. maven-shared-utils 3.2.1-0.4 - Build with OpenJDK 8 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note...
Oracle Linux 8 : maven:3.5 (ELSA-2022-4798)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-4798 advisory. maven-shared-utils 3.2.1-0.2 - Fix commandline injection vulnerability - Resolves: CVE-2022-29599 Tenable has extracted the preceding description block directly...
maven-shared-utils: Command injection via Commandline class
A flaw was found in the maven-shared-utils package. This issue allows a Command Injection due to improper escaping, allowing a shell injection attack...
OESA-2022-1684 maven-shared-utils security update
This package can be the functional replacement of plexus-utils in Maven. At the same time, the package has many hightlights, such as: a lot of methods got cleaned up, generics got added and a lot of unused code dropped. Security Fixes: In Apache Maven maven-shared-utils prior to version 3.3.3, th...
GHSA-8RP6-X3R7-5QW3 SaltStack Salt is vulnerable to shell injection via ProxyCommand argument
An issue was discovered in SaltStack Salt before 3002.5. The salt-api's ssh client is vulnerable to a shell injection by including ProxyCommand in an argument, or via sshoptions provided in an API request...
SaltStack Salt is vulnerable to shell injection via ProxyCommand argument
An issue was discovered in SaltStack Salt before 3002.5. The salt-api's ssh client is vulnerable to a shell injection by including ProxyCommand in an argument, or via sshoptions provided in an API request...
SaltStack Salt Command Injection in netapi ssh client
An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can result in shell injection...
GHSA-RHGR-952R-6P8Q Command injection in Apache Maven maven-shared-utils
In Apache Maven maven-shared-utils prior to version 3.3.3, the Commandline class can emit double-quoted strings without proper escaping, allowing shell injection attacks...
CVE-2022-29599
In Apache Maven maven-shared-utils prior to version 3.3.3, the Commandline class can emit double-quoted strings without proper escaping, allowing shell injection attacks...
DEBIAN-CVE-2022-29599
In Apache Maven maven-shared-utils prior to version 3.3.3, the Commandline class can emit double-quoted strings without proper escaping, allowing shell injection attacks...
CVE-2022-29599
In Apache Maven maven-shared-utils prior to version 3.3.3, the Commandline class can emit double-quoted strings without proper escaping, allowing shell injection attacks...
CVE-2022-29599
In Apache Maven maven-shared-utils prior to version 3.3.3, the Commandline class can emit double-quoted strings without proper escaping, allowing shell injection attacks...
Design/Logic Flaw
In Apache Maven maven-shared-utils prior to version 3.3.3, the Commandline class can emit double-quoted strings without proper escaping, allowing shell injection attacks...
CVE-2022-29599
In Apache Maven maven-shared-utils prior to version 3.3.3, the Commandline class can emit double-quoted strings without proper escaping, allowing shell injection attacks...
UBUNTU-CVE-2022-29599
In Apache Maven maven-shared-utils prior to version 3.3.3, the Commandline class can emit double-quoted strings without proper escaping, allowing shell injection attacks...
CVE-2022-29599 Commandline class shell injection vulnerabilities
In Apache Maven maven-shared-utils prior to version 3.3.3, the Commandline class can emit double-quoted strings without proper escaping, allowing shell injection attacks...