Vulnerabilities > Codehaus Plexus

DATE CVE VULNERABILITY TITLE RISK
2023-09-25 CVE-2022-4244 Path Traversal vulnerability in multiple products
A flaw was found in codeplex-codehaus.
network
low complexity
codehaus-plexus redhat CWE-22
7.5
2023-09-25 CVE-2022-4245 XXE vulnerability in multiple products
A flaw was found in codehaus-plexus.
network
low complexity
codehaus-plexus redhat CWE-611
4.3
2023-07-25 CVE-2023-37460 UNIX Symbolic Link (Symlink) Following vulnerability in Codehaus-Plexus Plexus-Archiver
Plexis Archiver is a collection of Plexus components to create archives or extract archives to a directory with a unified `Archiver`/`UnArchiver` API.
network
low complexity
codehaus-plexus CWE-61
critical
9.8
2018-07-25 CVE-2018-1002200 Path Traversal vulnerability in multiple products
plexus-archiver before 3.6.0 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in an archive entry that is mishandled during extraction.
local
low complexity
codehaus-plexus redhat debian CWE-22
5.5
2018-01-03 CVE-2017-1000487 OS Command Injection vulnerability in multiple products
Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.
network
low complexity
codehaus-plexus debian CWE-78
critical
9.8