7 matches found
RLSA-2026:38500 Important: maven:3.9 security update
Maven is a software project management and comprehension tool. Based on the concept of a project object model POM, Maven can manage a project's build, reporting and documentation from a central piece of information. Security Fixes: org.codehaus.plexus:plexus-utils: Plexus-utils: Directory Travers...
Important: Red Hat Security Advisory: plexus-utils security update
An update for plexus-utils is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
ALSA-2026:38514 Important: plexus-utils security update
The Plexus project seeks to create end-to-end developer tools for writing applications. At the core is the container, which can be embedded or for a full scale application server. There are many reusable components for hibernate, form processing, jndi, i18n, velocity, etc. Plexus also includes an...
CLSA-2026-1777038119 plexus-utils: Fix of CVE-2025-67030
CVE-2025-67030 fix zip slip via canonical path check in Expand...
Amazon Linux 2023 : plexus-utils, plexus-utils-javadoc (ALAS2023-2026-1545)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1545 advisory. Directory Traversal vulnerability in the extractFile method of org.codehaus.plexus.util.Expand in plexus- utils before 6d780b3378829318ba5c2d29547e0012d5b29642. This allows an attacker to execute...
CVE-2025-67030 affecting package plexus-utils for versions less than 3.3.0-5
CVE-2025-67030 affecting package plexus-utils for versions less than 3.3.0-5. A patched version of the package is available...
CVE-2025-67030 vulnerabilities
Vulnerabilities for packages: dependency-track, gradle-stage0, maven, wso2is, gradle, kafka, maven-ecosystems-test, confluent-kafka-jre-bcfips, clojure-tools, apache-camel-karavan-devmode, druid, confluent-kafka, akhq, kafka-fips, leiningen, dependency-track-apiserver, maven-stage0...