143 matches found

Prion
added 2022/05/23 11:16 a.m. · 31 views

Design/Logic Flaw

In Apache Maven maven-shared-utils prior to version 3.3.3, the Commandline class can emit double-quoted strings without proper escaping, allowing shell injection attacks...

CVSS 7.5 · AI score 9.4 · EPSS 0.00255
Exploits: 0 · References: 5 · Affected Software: 2

OSV
added 2022/05/23 11:16 a.m. · 0 views

UBUNTU-CVE-2022-29599

In Apache Maven maven-shared-utils prior to version 3.3.3, the Commandline class can emit double-quoted strings without proper escaping, allowing shell injection attacks...

CVSS 9.8 · AI score 7.2 · EPSS 0.00255
Exploits: 0 · References: 5

ATTACKERKB
added 2022/05/23 11:16 a.m. · 3 views

CVE-2022-29599

In Apache Maven maven-shared-utils prior to version 3.3.3, the Commandline class can emit double-quoted strings without proper escaping, allowing shell injection attacks...

CVSS 9.8 · AI score 5.9 · EPSS 0.00255
Exploits: 0 · References: 6

UbuntuCve
added 2022/05/23 11:16 a.m. · 36 views

CVE-2022-29599

In Apache Maven maven-shared-utils prior to version 3.3.3, the Commandline class can emit double-quoted strings without proper escaping, allowing shell injection attacks...

CVSS 9.8 · AI score 7.1 · EPSS 0.00255
Exploits: 0 · References: 4

Debian CVE
added 2022/05/23 10:25 a.m. · 31 views

CVE-2022-29599

In Apache Maven maven-shared-utils prior to version 3.3.3, the Commandline class can emit double-quoted strings without proper escaping, allowing shell injection attacks...

CVSS 9.8 · AI score 9.8 · EPSS 0.00255
Exploits: 0

CVE
added 2022/05/23 10:25 a.m. · 766 views

CVE-2022-29599

CVE-2022-29599 affects the Maven project’s shared utilities: maven-shared-utils, prior to version 3.3.3. The issue lies in the Commandline class, which can emit double-quoted strings without proper escaping, enabling shell injection attacks. The vulnerability is reported with high severities (CVS...

CVSS 9.8 · AI score 9.8 · EPSS 0.00255
Exploits: 0 · References: 5 · Affected Software: 1

Cvelist
added 2022/05/23 10:25 a.m. · 15 views

CVE-2022-29599 Commandline class shell injection vulnerabilities

In Apache Maven maven-shared-utils prior to version 3.3.3, the Commandline class can emit double-quoted strings without proper escaping, allowing shell injection attacks...

AI score 9.8 · EPSS 0.00255
Exploits: 0 · References: 5

Oracle linux
added 2022/04/29 12:0 a.m. · 37 views

maven-shared-utils security update

0.4-4 - Fix commandline injection vulnerability - Resolves: rhbz2068651...

CVSS 9.8 · AI score 2.2 · EPSS 0.00255
Exploits: 0

RedHat Linux
added 2022/04/26 10:25 a.m. · 3 views

maven-shared-utils: Command injection via Commandline class

A flaw was found in the maven-shared-utils package. This issue allows a Command Injection due to improper escaping, allowing a shell injection attack...

CVSS 9.8 · AI score 7.3 · EPSS 0.00255
Exploits: 0 · References: 4

Positive Technologies
added 2022/04/26 12:0 a.m. · 2 views

PT-2022-7347 · Apache +8 · Apache Maven Maven-Shared-Utils +8

Name of the Vulnerable Software and Affected Versions: Apache Maven maven-shared-utils versions prior to 3.3.3 Description: The issue is related to the Commandline class in Apache Maven maven-shared-utils, which can emit double-quoted strings without proper escaping. This allows for shell injecti...

CVSS 10 · AI score 7.9 · EPSS 0.46101
Exploits: 3 · References: 54

Fedora
added 2022/04/05 3:44 p.m. · 23 views

[SECURITY] Fedora 35 Update: gdal-3.3.3-1.fc35

Geospatial Data Abstraction Library GDAL/OGR is a cross platform C++ translator library for raster and vector geospatial data formats. As a library, it presents a single abstract data model to the calling application for all supported formats. It also comes with a variety of useful commandline...

CVSS 5.5 · AI score 2.8 · EPSS 0.003
Exploits: 1

Veracode
added 2021/12/29 2:37 p.m. · 11 views

Command Injection

maven-shared-utils is vulnerable to command injection. The vulnerability exists in BourneShell and Commandline classes due to improper escaping which allows a malicious attacker to inject and execute arbitrary commands...

AI score 4.3
Exploits: 0

OSV
added 2021/06/18 7:3 a.m. · 3 views

SUSE-SU-2021:2010-1 Security update for python-PyJWT

This update for python-PyJWT fixes the following issues: python-JWT was updated to 1.5.3. bsc1186173 update to version 1.5.3: Changed + Increase required version of the cryptography package to =1.4.0. Fixed + Remove uses of deprecated functions from the cryptography package. + Warn about missing...

AI score 6.3
Exploits: 0 · References: 3

AlpineLinux
added 2021/05/17 12:0 a.m. · 49 views

CVE-2021-32617

Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An inefficient algorithm quadratic complexity was found in Exiv2 versions v0.27.3 and earlier. The inefficient algorithm is triggered when Exiv2 is used to write metadata int...

CVSS 5.5 · AI score 5.9 · EPSS 0.00075
Exploits: 0

OpenVAS
added 2020/07/20 12:0 a.m. · 16 views

Fedora: Security Advisory for apt (FEDORA-2020-f03cfe3df5)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 5.5 · AI score 5.6 · EPSS 0.00396
Exploits: 1 · References: 2

Fedora
added 2020/07/19 1:11 a.m. · 23 views

[SECURITY] Fedora 32 Update: apt-2.1.7-1.fc32

This package provides commandline tools for searching and managing as well as querying information about packages as a low-level access to all features of the libapt-pkg library. These include: apt-get for retrieval of packages and information about them from authenticated sources and for...

CVSS 5.5 · AI score 2.4 · EPSS 0.00396
Exploits: 1

GithubExploit
added 2020/07/18 1:49 p.m. · 39 views

Exploit for Improper Input Validation in Microsoft

CVE-2020-1350 Scanner and Mitigat...

CVSS 10 · AI score 9.4 · EPSS 0.93808
Exploits: 21

Kitploit
added 2020/05/17 1:0 p.m. · 64 views

ParamKit - A Small Library Helping To Parse Commandline Parameters

A small library helping to parse commandline parameters for Windows. Objectives "like Python's argparse but for C/C++" compact and minimalistic easy to use extendable Demo Print help for each parameter: Easily store values of popular types, and verify if all required parameters are filled: Verify...

AI score 7.5
Exploits: 0 · References: 2

0day.today
added 2020/01/13 12:0 a.m. · 144 views

Microsoft Windows 10 build 1809 - Local Privilege Escalation (UAC Bypass) Exploit

Exploit Title: Microsoft Windows 10 - Local Privilege Escalation UAC Bypass Author: Nassim Asrir Exploit Author: Nassim Asrir CVE: N/A Tested On: Windows 10Pro 1809 Vendor : https://www.microsoft.com Technical Details I discovered a Local Privilege Escalation in Windows 10 UAC Bypass, via an...

AI score 0.1
Exploits: 0

exploitpack
added 2019/11/20 12:0 a.m. · 37 views

Ubuntu 19.10 - ubuntu-aufs-modified mmap_region() Breaks Refcounting in overlayfsshiftfs Error Path

Ubuntu 19.10 - ubuntu-aufs-modified mmap_region() Breaks Refcounting in overlayfsshiftfs Error Path Tested on 19.10. Ubuntu's aufs kernel patch includes the following change which I interestingly can't see in the AUFS code at https://github.com/sfjro/aufs5-linux/blob/master/mm/mmap.c:...

AI score 0.8
Exploits: 0