codehaus-plexus/plexus-utils

codehaus-plexus/plexus-utils

GitHubGitHub
GitHubgithub.com
codehaus-plexus.github.iocodehaus-plexus.github.io
Releases77
Frequency3 months 1 day
Last Release
Stars39
Plexus Utils
Log in to subscribe

CVE History

CVEPublishedCVSS v3CVSS v2
CVE-2025-67030
8.8 HIGH

Directory Traversal vulnerability in the extractFile method of org.codehaus.plexus.util.Expand in plexus-utils before 6d780b3378829318ba5c2d29547e0012d5b29642. This allows an attacker to execute arbitrary code

CVE-2017-1000487
9.8 CRITICAL7.5 HIGH

Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.