Lucene search
K

93 matches found

OSV
OSV
added 2026/04/24 1:42 p.m.36 views

CLSA-2026-1777038119 plexus-utils: Fix of CVE-2025-67030

CVE-2025-67030 fix zip slip via canonical path check in Expand...

8.8CVSS5.8AI score0.00663EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/24 9:48 a.m.9 views

Security Bulletin: IBM Sterling Connect:Direct for Microsoft Windows is vulnerable to an issue in plexus-utils

Summary There is a vulnerability in plexus-utils used by IBM Sterling Connect:Direct for Microsoft Windows. IBM Sterling Connect:Direct for Microsoft Windows has addressed the applicable CVE CVE-2025-67030. Vulnerability Details CVEID:CVE-2025-67030 DESCRIPTION: Directory Traversal vulnerability ...

8.8CVSS5.9AI score0.00663EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/23 6:59 a.m.6 views

Security Bulletin: Due to use of plexus-utils-3.5.1.jar, IBM Sterling Connect:Direct Web Services is affected by Directory Traversal issue.

Summary plexus-utils-3.5.1.jar is used by IBM Sterling Connect:Direct Web Services CVE-2025-67030. Vulnerability Details CVEID:CVE-2025-67030 DESCRIPTION: Directory Traversal vulnerability in the extractFile method of org.codehaus.plexus.util.Expand in plexus-utils before...

8.8CVSS6.1AI score0.00663EPSS
Exploits0Affected Software1
OPENSUSE Linux
OPENSUSE Linux
added 2026/04/21 12:0 a.m.5 views

Security update for plexus-utils (important)

openSUSE security update: security update for plexus-utils ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20535-1 Rating: important References: bsc1260588 Cross-References: CVE-2025-67030 CVSS scores: CVE-2025-67030 SUSE : 7.3...

7.3CVSS5.7AI score0.00663EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/04/17 12:0 a.m.3 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : plexus-utils (SUSE-SU-2026:1396-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:1396-1 advisory. This update for plexus-utils fixes the following issue: Security fixes: - CVE-2025-67030: directory...

8.8CVSS5.9AI score0.00663EPSS
Exploits0References4
SUSE Linux
SUSE Linux
added 2026/04/16 10:35 a.m.6 views

Security update for plexus-utils

This update for plexus-utils fixes the following issue: Security fixes: CVE-2025-67030: directory traversal via the extractFile method of org.codehaus.plexus.util.Expand bsc1260588. Update to version 4.0.2: Bug Fixes Specify /D for cmd.exe to bypass the Command Processor Autorun folder Dependency...

7.3CVSS5.8AI score0.00663EPSS
Exploits0References4
OSV
OSV
added 2026/04/16 10:34 a.m.6 views

SUSE-SU-2026:1396-1 Security update for plexus-utils

This update for plexus-utils fixes the following issue: Security fixes: - CVE-2025-67030: directory traversal via the extractFile method of org.codehaus.plexus.util.Expand bsc1260588. Update to version 4.0.2: Bug Fixes + Specify /D for cmd.exe to bypass the Command Processor Autorun folder...

8.8CVSS5.8AI score0.00663EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/15 3:10 p.m.13 views

Security Bulletin: IBM Enterprise Build of Quarkus is affected by multiple vulnerabilities

Summary IBM Enterprise Build of Quarkus is affected by vulnerabilities in Apache Avro, Jackson, Vert.x, plexus-utils and Netty Vulnerability Details CVEID:CVE-2025-67030 DESCRIPTION: Directory Traversal vulnerability in the extractFile method of org.codehaus.plexus.util.Expand in plexus-utils...

8.8CVSS6.2AI score0.01125EPSS
Exploits2Affected Software1
CBLMariner
CBLMariner
added 2026/04/14 6:44 p.m.6 views

CVE-2025-67030 affecting package plexus-utils for versions less than 3.3.0-4

CVE-2025-67030 affecting package plexus-utils for versions less than 3.3.0-4. A patched version of the package is available...

8.8CVSS5.8AI score0.00663EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/04/14 5:18 p.m.10 views

Important: Red Hat Security Advisory: Red Hat build of Quarkus 3.20.6 release and security update

An update is now available for Red Hat build of Quarkus. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability. For more informatio...

8.8CVSS5.9AI score0.01125EPSS
Exploits2References21
OSV
OSV
added 2026/04/14 3:2 p.m.3 views

SUSE-SU-2026:21194-1 Security update for plexus-utils

This update for plexus-utils fixes the following issue: - CVE-2025-67030: directory traversal via the extractFile method of org.codehaus.plexus.util.Expand bsc1260588...

8.8CVSS5.8AI score0.00663EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/04/14 2:45 p.m.5 views

org.codehaus.plexus:plexus-utils: Plexus-utils: Directory Traversal in extractFile method

A flaw was found in plexus-utils. This vulnerability, known as a Directory Traversal, exists within the extractFile method. An attacker can exploit this to execute unauthorized code on the system in the context of the current working user...

8.8CVSS5.9AI score0.00663EPSS
Exploits0References9
Amazon
Amazon
added 2026/04/14 12:0 a.m.15 views

Important: plexus-utils

Issue Overview: Directory Traversal vulnerability in the extractFile method of org.codehaus.plexus.util.Expand in plexus-utils before 6d780b3378829318ba5c2d29547e0012d5b29642. This allows an attacker to execute arbitrary code CVE-2025-67030 Affected Packages: plexus-utils Note: This advisory is...

8.8CVSS6.2AI score0.00663EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/04/14 12:0 a.m.8 views

Amazon Linux 2 : plexus-utils, --advisory ALAS2-2026-3233 (ALAS-2026-3233)

The version of plexus-utils installed on the remote host is prior to 3.0.9-9. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3233 advisory. Directory Traversal vulnerability in the extractFile method of org.codehaus.plexus.util.Expand in plexus- utils before...

8.8CVSS6.1AI score0.00663EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/13 12:0 a.m.9 views

Amazon Linux 2023 : javapackages-bootstrap (ALAS2023-2026-1581)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1581 advisory. Directory Traversal vulnerability in the extractFile method of org.codehaus.plexus.util.Expand in plexus- utils before 6d780b3378829318ba5c2d29547e0012d5b29642. This allows an attacker to execute...

8.8CVSS6.1AI score0.00663EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/13 12:0 a.m.5 views

Amazon Linux 2023 : plexus-utils, plexus-utils-javadoc (ALAS2023-2026-1545)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1545 advisory. Directory Traversal vulnerability in the extractFile method of org.codehaus.plexus.util.Expand in plexus- utils before 6d780b3378829318ba5c2d29547e0012d5b29642. This allows an attacker to execute...

8.8CVSS6.1AI score0.00663EPSS
Exploits0References4
Amazon
Amazon
added 2026/04/13 12:0 a.m.6 views

Important: javapackages-bootstrap

Issue Overview: Directory Traversal vulnerability in the extractFile method of org.codehaus.plexus.util.Expand in plexus-utils before 6d780b3378829318ba5c2d29547e0012d5b29642. This allows an attacker to execute arbitrary code CVE-2025-67030 Affected Packages: javapackages-bootstrap Issue...

8.8CVSS6.1AI score0.00663EPSS
Exploits0
CBLMariner
CBLMariner
added 2026/04/06 11:43 p.m.3 views

CVE-2025-67030 affecting package plexus-utils for versions less than 3.3.0-5

CVE-2025-67030 affecting package plexus-utils for versions less than 3.3.0-5. A patched version of the package is available...

8.8CVSS5.9AI score0.00663EPSS
Exploits0
OPENSUSE Linux
OPENSUSE Linux
added 2026/03/30 12:0 a.m.6 views

plexus-utils-4.0.2-2.1 on GA media (moderate)

plexus-utils-4.0.2-2.1 on GA media Announcement ID: openSUSE-SU-2026:10439-1 Rating: moderate Cross-References: CVE-2025-67030 CVSS scores: CVE-2025-67030 SUSE : 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L CVE-2025-67030 SUSE : 6.3...

7.3CVSS5.9AI score0.00663EPSS
Exploits0
Veracode
Veracode
added 2026/03/28 5:4 a.m.6 views

Directory Traversal

Plexus-Utils is vulnerable to Directory Traversal. The vulnerability is due to a flaw in the extractFile method of org.codehaus.plexus.util.Expand, where an attacker can execute arbitrary code by exploiting the Directory Traversal vulnerability...

8.8CVSS6.2AI score0.00663EPSS
Exploits0References22Affected Software1
Rows per page
Query Builder