Plexus-utils@* Security Vulnerabilities and Issues — Plexus-utils@* CVE List

Lucene search

Codehaus-plexusPlexus-utils*

3 matches found

CVE•added 2023/09/25 8:15 p.m.•320 views

CVE-2022-4245

A flaw was found in codehaus-plexus. The org.codehaus.plexus.util.xml.XmlWriterUtil#writeComment fails to sanitize comments for a --> sequence. This issue means that text contained in the command string could be interpreted as XML and allow for XML injection.

4.3CVSS4.9AI score0.00138EPSS

CVE•added 2018/01/03 8:29 p.m.•183 views

CVE-2017-1000487

Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.

9.8CVSS9.4AI score0.13173EPSS

CVE•added 2023/09/25 8:15 p.m.•134 views

CVE-2022-4244

A flaw was found in codeplex-codehaus. A directory traversal attack (also known as path traversal) aims to access files and directories stored outside the intended folder. By manipulating files with "dot-dot-slash (../)" sequences and their variations or by using absolute file paths, it may be poss...

7.5CVSS7.5AI score0.0059EPSS