CVE-2022-29599
ADVISORY - githubSummary
In Apache Maven maven-shared-utils prior to version 3.3.3, the Commandline class can emit double-quoted strings without proper escaping, allowing shell injection attacks.
EPSS Score: 0.02259 (0.898)
Common Weakness Enumeration (CWE)
ADVISORY - nist
Improper Encoding or Escaping of Output
ADVISORY - github
ADVISORY - gitlab
ADVISORY - redhat
Improper Neutralization of Special Elements used in a Command ('Command Injection')
Sign in to Docker Scout
See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.
Sign in