Debian Linux Security Advisory 5242-1 - It was discovered that the Commandline class in maven-shared-utils, a collection of various utility classes for the Maven build system, can emit double-quoted strings without proper escaping, allowing shell injection attacks.
84714da50549cd80b4994a0222f28c86342b8b85cee2cb07fc540a8b7d3eba9b