Vulnerabilities > Codehaus Plexus
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-09-25 | CVE-2022-4244 | Path Traversal vulnerability in multiple products A flaw was found in codeplex-codehaus. | 7.5 |
2023-09-25 | CVE-2022-4245 | XXE vulnerability in multiple products A flaw was found in codehaus-plexus. | 4.3 |
2023-07-25 | CVE-2023-37460 | UNIX Symbolic Link (Symlink) Following vulnerability in Codehaus-Plexus Plexus-Archiver Plexis Archiver is a collection of Plexus components to create archives or extract archives to a directory with a unified `Archiver`/`UnArchiver` API. | 9.8 |
2018-07-25 | CVE-2018-1002200 | Path Traversal vulnerability in multiple products plexus-archiver before 3.6.0 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in an archive entry that is mishandled during extraction. | 5.5 |
2018-01-03 | CVE-2017-1000487 | OS Command Injection vulnerability in multiple products Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings. | 9.8 |