CVE-2017-1000487: plexus-utils: Mishandled strings in Commandline class allow for command injection

Severity: Critical

CVSS Score: 9.8

Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.