CVE-2025-67030
- EPSS 0.37%
- Veröffentlicht 25.03.2026 00:00:00
- Zuletzt bearbeitet 01.05.2026 17:12:22
Directory Traversal vulnerability in the extractFile method of org.codehaus.plexus.util.Expand in plexus-utils before 6d780b3378829318ba5c2d29547e0012d5b29642. This allows an attacker to execute arbitrary code
CVE-2022-4244
- EPSS 0.27%
- Veröffentlicht 25.09.2023 20:15:10
- Zuletzt bearbeitet 05.05.2025 14:12:14
A flaw was found in codeplex-codehaus. A directory traversal attack (also known as path traversal) aims to access files and directories stored outside the intended folder. By manipulating files with "dot-dot-slash (../)" sequences and their variation...
CVE-2022-4245
- EPSS 0.06%
- Veröffentlicht 25.09.2023 20:15:10
- Zuletzt bearbeitet 21.11.2024 07:34:51
A flaw was found in codehaus-plexus. The org.codehaus.plexus.util.xml.XmlWriterUtil#writeComment fails to sanitize comments for a --> sequence. This issue means that text contained in the command string could be interpreted as XML and allow for XML i...
CVE-2017-1000487
- EPSS 7.8%
- Veröffentlicht 03.01.2018 20:29:00
- Zuletzt bearbeitet 21.11.2024 03:04:50
Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.