CVEs (4)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
Directory Traversal vulnerability in the extractFile method of org.codehaus.plexus.util.Expand in plexus-utils before 6d780b3378829318ba5c2d29547e0012d5b29642. This allows an attacker to execute arbitrary code |
2Codehaus Plexus Redhat2Integration Camel K Plexus UtilsNov 21, 2024 Sep 25, 2023 N/A· v4 4.3 MEDIUM· v3 N/A· v2 A flaw was found in codehaus-plexus. The org.codehaus.plexus.util.xml.XmlWriterUtil#writeComment fails to sanitize comments for a --> sequence. This issue means that text contained in the command string could be interpre...Show more |
2Codehaus Plexus Redhat2Integration Camel K Plexus UtilsMay 5, 2025 Sep 25, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 A flaw was found in codeplex-codehaus. A directory traversal attack (also known as path traversal) aims to access files and directories stored outside the intended folder. By manipulating files with "dot-dot-slash (../)"...Show more |
2Codehaus Plexus Debian2Debian Linux Plexus UtilsNov 21, 2024 Jan 3, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings. |