In Apache Maven maven-shared-utils prior to version 3.3.3, the Commandline class can emit double-quoted strings without proper escaping, allowing shell injection attacks.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| org.apache.maven.shared:maven-shared-utils(Maven) | 0 | 3.3.3 | N/A |
CVSS Metrics
