EUVD-2022-4128

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2023-37460

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Plexis Archiver is a collection of Plexus components to create archives or extract archives to a directory with a unified Archiver/UnArchiver API. Prior to...

OESA-2025-1862 plexus-archiver security update

The Plexus project provides a full software stack for creating and executing software projects. It provides a number of pre-built components for common tasks and toolkits such as Jetty, Velocity, Hibernate, i18n, and many more. However, Plexus is also able to reuse your existing components writte...

OESA-2025-1861 plexus-archiver security update

The Plexus project provides a full software stack for creating and executing software projects. It provides a number of pre-built components for common tasks and toolkits such as Jetty, Velocity, Hibernate, i18n, and many more. However, Plexus is also able to reuse your existing components writte...

OESA-2025-1859 plexus-archiver security update

The Plexus project provides a full software stack for creating and executing software projects. It provides a number of pre-built components for common tasks and toolkits such as Jetty, Velocity, Hibernate, i18n, and many more. However, Plexus is also able to reuse your existing components writte...

OESA-2025-1671 plexus-archiver security update

The Plexus project provides a full software stack for creating and executing software projects. It provides a number of pre-built components for common tasks and toolkits such as Jetty, Velocity, Hibernate, i18n, and many more. However, Plexus is also able to reuse your existing components writte...

RHSA-2023:6886 Red Hat Security Advisory: plexus-archiver security update

Bulletin has no description...

RHSA-2018:1837 Red Hat Security Advisory: rh-maven33-plexus-archiver and rh-maven35-plexus-archiver security update

Bulletin has no description...

RHSA-2018:1836 Red Hat Security Advisory: plexus-archiver security update

Bulletin has no description...

OPENSUSE-SU-2024:13309-1 plexus-archiver-4.8.0-2.1 on GA media

These are all security issues fixed in the plexus-archiver-4.8.0-2.1 package on the GA media of openSUSE Tumbleweed...

Important: javapackages-bootstrap

Issue Overview: Plexis Archiver is a collection of Plexus components to create archives or extract archives to a directory with a unified Archiver/UnArchiver API. Prior to version 4.8.0, using AbstractUnArchiver for extracting an archive might lead to an arbitrary file creation and possibly remot...

RHEL 6 / 7 : rh-maven33-plexus-archiver and rh-maven35-plexus-archiver (RHSA-2018:1837)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:1837 advisory. The Plexus project provides a full software stack for creating and executing software projects. Based on the Plexus container, the applications c...

Fedora: Security Advisory for plexus-archiver (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CentOS 7 : plexus-archiver (RHSA-2023:6886)

The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:6886 advisory. - Plexis Archiver is a collection of Plexus components to create archives or extract archives to a directory with a unified Archiver/UnArchiver API. Prior to...

Oracle Linux 7 : plexus-archiver (ELSA-2023-6886)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-6886 advisory. 0:2.4.2-6 - Avoid override target symlink by standard file in AbstractUnArchiver - Fixes: CVE-2023-37460 Tenable has extracted the preceding description block...

RHEL 7 : plexus-archiver (RHSA-2023:6886)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:6886 advisory. The Plexus project provides a full software stack for creating and executing software projects. Based on the Plexus container, the applications can...

Amazon Linux 2023 : plexus-archiver, plexus-archiver-javadoc (ALAS2023-2023-421)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-421 advisory. Plexis Archiver is a collection of Plexus components to create archives or extract archives to a directory with a unified Archiver/UnArchiver API. Prior to version 4.8.0, using AbstractUnArchiver for...

Important: plexus-archiver

Issue Overview: Plexis Archiver is a collection of Plexus components to create archives or extract archives to a directory with a unified Archiver/UnArchiver API. Prior to version 4.8.0, using AbstractUnArchiver for extracting an archive might lead to an arbitrary file creation and possibly remot...

SUSE CVE-2018-1002200

plexus-archiver before 3.6.0 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ dot dot slash in an archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'...

plexus-archiver: Arbitrary File Creation in AbstractUnArchiver

A flaw was found in the Plexus Archiver. While using AbstractUnArchiver for extracting, an archive might lead to arbitrary file creation and possible remote code execution RCE. Extracting an archive with an entry in the destination directory as a symbolic link whose target does not exist will...