2 matches found
Amazon Linux 2023 : maven3.9, maven3.9-amazon-corretto8, maven3.9-amazon-corretto11 (ALAS2023-2026-1602)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1602 advisory. Directory Traversal vulnerability in the extractFile method of org.codehaus.plexus.util.Expand in plexus- utils before 6d780b3378829318ba5c2d29547e0012d5b29642. This allows an attacker to execute...
SUSE-RU-2024:3971-1 Recommended update for mojo-parent
This update for mojo-parent fixes the following issues: xalan-j2 was updated from version 2.7.2 to 2.7.3: - Security issues fixed: CVE-2022-34169: Fixed integer truncation issue when processing malicious XSLT stylesheets bsc1201684 - Changes and Bugs fixed: Java 8 is now the minimum requirement...