Lucene search
K

92 matches found

OSV
OSV
added 2026/03/26 12:0 a.m.4 views

OPENSUSE-SU-2026:10439-1 plexus-utils-4.0.2-2.1 on GA media

These are all security issues fixed in the plexus-utils-4.0.2-2.1 package on the GA media of openSUSE Tumbleweed...

8.8CVSS5.9AI score0.00663EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/25 10:39 p.m.6 views

CVE-2025-67030

A flaw was found in plexus-utils. This vulnerability, known as a Directory Traversal, exists within the extractFile method. An attacker can exploit this to execute unauthorized code on the system in the context of the current working user. Mitigation Mitigation for this issue is either not...

8.3CVSS5.9AI score0.00663EPSS
Exploits0References8
vulnersOsv
vulnersOsv
added 2026/03/25 6:31 p.m.5 views

at.ganzleicht.vaadin:vaadin-maven-plugin (>=9.1.1 <=9.1.3.2), au.com.acegi:xml-format-maven-plugin (>=4.0.1 <=4.1.0) +2010 more potentially affected by CVE-2025-67030 via org.codehaus.plexus:plexus-utils (>=4.0.0 <=4.0.2)

org.codehaus.plexus:plexus-utils MAVEN version =4.0.0, =9.1.1, =4.0.1, =0.0.1, =0.0.9, =0.4.0, =0.0.0, =1.9.2, =1.0.0-M5, =1.0.0-M6, =1.0.0-M1, =0.0.3, =0.0.3, =0.0.3, =0.0.3, =1.0.0-M10 and more Source cves: CVE-2025-67030 Source advisory: OSV:GHSA-6FMV-XXPF-W3CW...

8.8CVSS5.7AI score0.00663EPSS
Exploits0
Github Security Blog
Github Security Blog
added 2026/03/25 6:31 p.m.5 views

Plexus-Utils has a Directory Traversal vulnerability in its extractFile method

Directory Traversal vulnerability in the extractFile method of org.codehaus.plexus.util.Expand in plexus-utils before 6d780b3378829318ba5c2d29547e0012d5b29642. This allows an attacker to execute arbitrary code...

8.8CVSS6.2AI score0.00663EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2026/03/25 6:16 p.m.3 views

DEBIAN-CVE-2025-67030

Directory Traversal vulnerability in the extractFile method of org.codehaus.plexus.util.Expand in plexus-utils before 6d780b3378829318ba5c2d29547e0012d5b29642. This allows an attacker to execute arbitrary code...

8.8CVSS5.9AI score0.00663EPSS
Exploits0References1
NVD
NVD
added 2026/03/25 6:16 p.m.6 views

CVE-2025-67030

Directory Traversal vulnerability in the extractFile method of org.codehaus.plexus.util.Expand in plexus-utils before 6d780b3378829318ba5c2d29547e0012d5b29642. This allows an attacker to execute arbitrary code...

8.8CVSS0.00663EPSS
Exploits0References20
OSV
OSV
added 2026/03/25 6:16 p.m.5 views

UBUNTU-CVE-2025-67030

Directory Traversal vulnerability in the extractFile method of org.codehaus.plexus.util.Expand in plexus-utils before 6d780b3378829318ba5c2d29547e0012d5b29642. This allows an attacker to execute arbitrary code...

8.8CVSS6.2AI score0.00663EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2026/03/25 6:16 p.m.5 views

CVE-2025-67030

Directory Traversal vulnerability in the extractFile method of org.codehaus.plexus.util.Expand in plexus-utils before 6d780b3378829318ba5c2d29547e0012d5b29642. This allows an attacker to execute arbitrary code...

8.8CVSS6AI score0.00663EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/03/25 12:0 a.m.24 views

CVE-2025-67030

Directory Traversal vulnerability in the extractFile method of org.codehaus.plexus.util.Expand in plexus-utils before 6d780b3378829318ba5c2d29547e0012d5b29642. This allows an attacker to execute arbitrary code...

0.00663EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.11 views

Plexus-Utils 安全漏洞

Plexus-Utils is a general-purpose utility program developed by Plexus. This program is primarily used to simplify the handling of strings, files, command lines, and XML data. Versions of Plexus-Utils prior to 20c2f80 contained security vulnerabilities. These vulnerabilities stemmed from the extra...

7.5CVSS5.8AI score0.00856EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.7 views

Plexus-utils 安全漏洞

Plexus-utils is a general-purpose utility developed by Plexus Open Source. This program is primarily used to simplify the handling of strings, files, command lines, XML, etc. A security vulnerability existed in Plexus-utils 6d780b3378829318ba5c2d29547e0012d5b29642 and earlier versions. This...

8.8CVSS6AI score0.00663EPSS
Exploits0References6
vulnersOsv
vulnersOsv
added 2026/03/25 12:0 a.m.8 views

at.ganzleicht.vaadin:vaadin-maven-plugin (>=9.1.1 <=9.1.3.2), au.com.acegi:xml-format-maven-plugin (>=4.0.1 <=4.1.0) +2010 more potentially affected by CVE-2025-67030 via org.codehaus.plexus:plexus-utils (>=4.0.0 <=4.0.2)

org.codehaus.plexus:plexus-utils MAVEN version =4.0.0, =9.1.1, =4.0.1, =0.0.1, =0.0.9, =0.4.0, =0.0.0, =1.9.2, =1.0.0-M5, =1.0.0-M6, =1.0.0-M1, =0.0.3, =0.0.3, =0.0.3, =0.0.3, =1.0.0-M10 and more Source cves: CVE-2025-67030 Source advisory: SNYK:JAVA-ORGCODEHAUSPLEXUS-15766699...

8.8CVSS5.7AI score0.00663EPSS
Exploits0
Snyk
Snyk
added 2026/03/25 12:0 a.m.3 views

Directory Traversal

Overview org.codehaus.plexus:plexus-utils is a collection of various utility classes to ease working with strings, files, command lines, XML and more. Affected versions of this package are vulnerable to Directory Traversal via the extractFile function. An attacker can exploit this to execute...

8.8CVSS6.5AI score0.00663EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2026/03/25 12:0 a.m.5 views

aero.albers.osmbse:mdzip-process-sources-maven-plugin (=0.0.1), aero.albers.osmbse:mdzip-validate-maven-plugin (=0.0.1) +17572 more potentially affected by CVE-2025-67030 via org.codehaus.plexus:plexus-utils (>=3.0 <=3.6.0)

org.codehaus.plexus:plexus-utils MAVEN version =3.0, =0.1, =0.1.0, =0.0.1, =0.0.6, =0.1.10, =0.1.3, =0.0.1, =0.0.1, =0.2.0, =0.1.3, =0.1.3, =0.1.5 - ai.pipestream:pipestream-engine =0.0.6 - ai.pipestream:pipestream-engine-kafka-sidecar =0.0.2 and more Source cves: CVE-2025-67030 Source advisory:...

8.8CVSS5.7AI score0.00663EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.15 views

PT-2026-28076

Name of the Vulnerable Software and Affected Versions plexus-utils versions prior to 6d780b3378829318ba5c2d29547e0012d5b29642 Description A directory traversal issue exists in the extractFile method of org.codehaus.plexus.util.Expand in plexus-utils. This allows an attacker to execute arbitrary...

8.8CVSS6.1AI score0.01177EPSS
Exploits0References102
Tenable Nessus
Tenable Nessus
added 2026/03/25 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2025-67030

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Directory Traversal vulnerability in the extractFile method of org.codehaus.plexus.util.Expand in plexus- utils before 6d780b3378829318ba5c2d29547e0012d5b29642...

8.8CVSS6.1AI score0.00663EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-3243

Malicious code in bioql PyPI...

9.8CVSS7.8AI score0.06543EPSS
Exploits0References17
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2017-1000487

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings. CVE-2017-1000487 Note...

9.8CVSS7AI score0.06543EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.23 views

RHEL 7 : plexus-utils (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - plexus-utils: Mishandled strings in Commandline class allow for command injection CVE-2017-1000487 Note that Nessus...

9.8AI score0.06543EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2024/03/08 12:0 a.m.14 views

Fedora: Security Advisory for plexus-utils (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS9.2AI score0.02578EPSS
Exploits3References2
Rows per page
Query Builder