Plexus-utils
This hub aggregates every CVE we track for Plexus-utils, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
4
CVEs tracked
1
Critical
2
High
0
In CISA KEV
Severity distribution
HIGH2MEDIUM1CRITICAL1
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
0
0
0
0
2024-082026-07
Latest CVEs
The 4 most recently published vulnerabilities affecting Plexus-utils.
- CVE-2025-67030Directory Traversal vulnerability in the extractFile method of org.codehaus.plexus.util.Expand in plexus-utils before 6d780b3378829318ba5c2d29547e0012d5b29642. This allows an attacker to execute ar...8.8
- CVE-2022-4245Codehaus-plexus: xml external entity (xxe) injection4.3
- CVE-2022-4244Codehaus-plexus: directory traversal7.5
- CVE-2017-1000487Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.9.8
Product normalization is registry-driven with AI assist and human review. How it works