26 matches found
org.codehaus.plexus:plexus-utils: Plexus-utils: Directory Traversal in extractFile method
A flaw was found in plexus-utils. This vulnerability, known as a Directory Traversal, exists within the extractFile method. An attacker can exploit this to execute unauthorized code on the system in the context of the current working user...
Important: Red Hat Security Advisory: maven:3.9 security update
An update for the maven:3.9 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
org.codehaus.plexus:plexus-utils: Plexus-utils: Directory Traversal in extractFile method
A flaw was found in plexus-utils. This vulnerability, known as a Directory Traversal, exists within the extractFile method. An attacker can exploit this to execute unauthorized code on the system in the context of the current working user...
ALSA-2026:38796 Important: plexus-utils security update
The Plexus project seeks to create end-to-end developer tools for writing applications. At the core is the container, which can be embedded or for a full scale application server. There are many reusable components for hibernate, form processing, jndi, i18n, velocity, etc. Plexus also includes an...
ALSA-2026:38514 Important: plexus-utils security update
The Plexus project seeks to create end-to-end developer tools for writing applications. At the core is the container, which can be embedded or for a full scale application server. There are many reusable components for hibernate, form processing, jndi, i18n, velocity, etc. Plexus also includes an...
RHSA-2026:35991 Red Hat Security Advisory: plexus-utils security update
Bulletin has no description...
org.codehaus.plexus:plexus-utils: Plexus-utils: Directory Traversal in extractFile method
A flaw was found in plexus-utils. This vulnerability, known as a Directory Traversal, exists within the extractFile method. An attacker can exploit this to execute unauthorized code on the system in the context of the current working user...
org.codehaus.plexus:plexus-utils: Plexus-utils: Directory Traversal in extractFile method
A flaw was found in plexus-utils. This vulnerability, known as a Directory Traversal, exists within the extractFile method. An attacker can exploit this to execute unauthorized code on the system in the context of the current working user...
org.codehaus.plexus:plexus-utils: Plexus-utils: Directory Traversal in extractFile method
A flaw was found in plexus-utils. This vulnerability, known as a Directory Traversal, exists within the extractFile method. An attacker can exploit this to execute unauthorized code on the system in the context of the current working user...
Important: Red Hat Security Advisory: plexus-utils security update
An update for plexus-utils is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, i...
ROOT-APP-MAVEN-CVE-2025-67030 CVE-2025-67030 in io.root.org.codehaus.plexus:plexus-utils - Patched by Root
Root has patched CVE-2025-67030 in the io.root.org.codehaus.plexus:plexus-utils package for Root:Maven. Multiple fixed versions available...
org.codehaus.plexus:plexus-utils: Plexus-utils: Directory Traversal in extractFile method
A flaw was found in plexus-utils. This vulnerability, known as a Directory Traversal, exists within the extractFile method. An attacker can exploit this to execute unauthorized code on the system in the context of the current working user...
org.codehaus.plexus:plexus-utils: Plexus-utils: Directory Traversal in extractFile method
A flaw was found in plexus-utils. This vulnerability, known as a Directory Traversal, exists within the extractFile method. An attacker can exploit this to execute unauthorized code on the system in the context of the current working user...
OPENSUSE-SU-2026:20535-1 Security update for plexus-utils
This update for plexus-utils fixes the following issue: - CVE-2025-67030: directory traversal via the extractFile method of org.codehaus.plexus.util.Expand bsc1260588...
Important: plexus-utils
Issue Overview: Directory Traversal vulnerability in the extractFile method of org.codehaus.plexus.util.Expand in plexus-utils before 6d780b3378829318ba5c2d29547e0012d5b29642. This allows an attacker to execute arbitrary code CVE-2025-67030 Affected Packages: plexus-utils Issue Correction: Run dn...
aero.albers.osmbse:mdzip-process-sources-maven-plugin (=0.0.1), aero.albers.osmbse:mdzip-validate-maven-plugin (=0.0.1) +24036 more potentially affected by CVE-2025-67030 via org.codehaus.plexus:plexus-utils (>=1.0.4 <=3.6.0)
org.codehaus.plexus:plexus-utils MAVEN version =1.0.4, =0.1, =0.1.0, =0.0.1, =0.0.6, =0.1.10, =0.1.3, =0.0.1, =0.0.1, =0.2.0, =0.1.3, =0.1.3, =0.1.5 - ai.pipestream:pipestream-engine =0.0.6 - ai.pipestream:pipestream-engine-kafka-sidecar =0.0.2 and more Source cves: CVE-2025-67030 Source advisory...
EUVD-2025-209002
Directory Traversal vulnerability in the extractFile method of org.codehaus.plexus.util.Expand in plexus-utils before 6d780b3378829318ba5c2d29547e0012d5b29642. This allows an attacker to execute arbitrary code...
GHSA-6FMV-XXPF-W3CW Plexus-Utils has a Directory Traversal vulnerability in its extractFile method
Directory Traversal vulnerability in the extractFile method of org.codehaus.plexus.util.Expand in plexus-utils before 6d780b3378829318ba5c2d29547e0012d5b29642. This allows an attacker to execute arbitrary code...
CVE-2025-67030
Directory Traversal vulnerability in the extractFile method of org.codehaus.plexus.util.Expand in plexus-utils before 6d780b3378829318ba5c2d29547e0012d5b29642. This allows an attacker to execute arbitrary code...
CVE-2025-67030
CVE-2025-67030 is a Directory Traversal/vulnerability in the Plexus Utils library (Expand.extractFile) that can lead to code execution. It affects plexus-utils versions prior to the patch 6d780b3378829318ba5c2d29547e0012d5b29642, with CVSS v3.1 base score 8.8 (HIGH). The connected vendor advisori...