92 matches found
OPENSUSE-SU-2026:10439-1 plexus-utils-4.0.2-2.1 on GA media
These are all security issues fixed in the plexus-utils-4.0.2-2.1 package on the GA media of openSUSE Tumbleweed...
CVE-2025-67030
A flaw was found in plexus-utils. This vulnerability, known as a Directory Traversal, exists within the extractFile method. An attacker can exploit this to execute unauthorized code on the system in the context of the current working user. Mitigation Mitigation for this issue is either not...
at.ganzleicht.vaadin:vaadin-maven-plugin (>=9.1.1 <=9.1.3.2), au.com.acegi:xml-format-maven-plugin (>=4.0.1 <=4.1.0) +2010 more potentially affected by CVE-2025-67030 via org.codehaus.plexus:plexus-utils (>=4.0.0 <=4.0.2)
org.codehaus.plexus:plexus-utils MAVEN version =4.0.0, =9.1.1, =4.0.1, =0.0.1, =0.0.9, =0.4.0, =0.0.0, =1.9.2, =1.0.0-M5, =1.0.0-M6, =1.0.0-M1, =0.0.3, =0.0.3, =0.0.3, =0.0.3, =1.0.0-M10 and more Source cves: CVE-2025-67030 Source advisory: OSV:GHSA-6FMV-XXPF-W3CW...
Plexus-Utils has a Directory Traversal vulnerability in its extractFile method
Directory Traversal vulnerability in the extractFile method of org.codehaus.plexus.util.Expand in plexus-utils before 6d780b3378829318ba5c2d29547e0012d5b29642. This allows an attacker to execute arbitrary code...
DEBIAN-CVE-2025-67030
Directory Traversal vulnerability in the extractFile method of org.codehaus.plexus.util.Expand in plexus-utils before 6d780b3378829318ba5c2d29547e0012d5b29642. This allows an attacker to execute arbitrary code...
CVE-2025-67030
Directory Traversal vulnerability in the extractFile method of org.codehaus.plexus.util.Expand in plexus-utils before 6d780b3378829318ba5c2d29547e0012d5b29642. This allows an attacker to execute arbitrary code...
UBUNTU-CVE-2025-67030
Directory Traversal vulnerability in the extractFile method of org.codehaus.plexus.util.Expand in plexus-utils before 6d780b3378829318ba5c2d29547e0012d5b29642. This allows an attacker to execute arbitrary code...
CVE-2025-67030
Directory Traversal vulnerability in the extractFile method of org.codehaus.plexus.util.Expand in plexus-utils before 6d780b3378829318ba5c2d29547e0012d5b29642. This allows an attacker to execute arbitrary code...
CVE-2025-67030
Directory Traversal vulnerability in the extractFile method of org.codehaus.plexus.util.Expand in plexus-utils before 6d780b3378829318ba5c2d29547e0012d5b29642. This allows an attacker to execute arbitrary code...
Plexus-Utils 安全漏洞
Plexus-Utils is a general-purpose utility program developed by Plexus. This program is primarily used to simplify the handling of strings, files, command lines, and XML data. Versions of Plexus-Utils prior to 20c2f80 contained security vulnerabilities. These vulnerabilities stemmed from the extra...
Plexus-utils 安全漏洞
Plexus-utils is a general-purpose utility developed by Plexus Open Source. This program is primarily used to simplify the handling of strings, files, command lines, XML, etc. A security vulnerability existed in Plexus-utils 6d780b3378829318ba5c2d29547e0012d5b29642 and earlier versions. This...
at.ganzleicht.vaadin:vaadin-maven-plugin (>=9.1.1 <=9.1.3.2), au.com.acegi:xml-format-maven-plugin (>=4.0.1 <=4.1.0) +2010 more potentially affected by CVE-2025-67030 via org.codehaus.plexus:plexus-utils (>=4.0.0 <=4.0.2)
org.codehaus.plexus:plexus-utils MAVEN version =4.0.0, =9.1.1, =4.0.1, =0.0.1, =0.0.9, =0.4.0, =0.0.0, =1.9.2, =1.0.0-M5, =1.0.0-M6, =1.0.0-M1, =0.0.3, =0.0.3, =0.0.3, =0.0.3, =1.0.0-M10 and more Source cves: CVE-2025-67030 Source advisory: SNYK:JAVA-ORGCODEHAUSPLEXUS-15766699...
Directory Traversal
Overview org.codehaus.plexus:plexus-utils is a collection of various utility classes to ease working with strings, files, command lines, XML and more. Affected versions of this package are vulnerable to Directory Traversal via the extractFile function. An attacker can exploit this to execute...
aero.albers.osmbse:mdzip-process-sources-maven-plugin (=0.0.1), aero.albers.osmbse:mdzip-validate-maven-plugin (=0.0.1) +17572 more potentially affected by CVE-2025-67030 via org.codehaus.plexus:plexus-utils (>=3.0 <=3.6.0)
org.codehaus.plexus:plexus-utils MAVEN version =3.0, =0.1, =0.1.0, =0.0.1, =0.0.6, =0.1.10, =0.1.3, =0.0.1, =0.0.1, =0.2.0, =0.1.3, =0.1.3, =0.1.5 - ai.pipestream:pipestream-engine =0.0.6 - ai.pipestream:pipestream-engine-kafka-sidecar =0.0.2 and more Source cves: CVE-2025-67030 Source advisory:...
PT-2026-28076
Name of the Vulnerable Software and Affected Versions plexus-utils versions prior to 6d780b3378829318ba5c2d29547e0012d5b29642 Description A directory traversal issue exists in the extractFile method of org.codehaus.plexus.util.Expand in plexus-utils. This allows an attacker to execute arbitrary...
Linux Distros Unpatched Vulnerability : CVE-2025-67030
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Directory Traversal vulnerability in the extractFile method of org.codehaus.plexus.util.Expand in plexus- utils before 6d780b3378829318ba5c2d29547e0012d5b29642...
EUVD-2022-3243
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2017-1000487
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings. CVE-2017-1000487 Note...
RHEL 7 : plexus-utils (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - plexus-utils: Mishandled strings in Commandline class allow for command injection CVE-2017-1000487 Note that Nessus...
Fedora: Security Advisory for plexus-utils (FEDORA-2024-129d8ca6fc)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...