Description:
The Plexus project seeks to create end-to-end developer tools for writing applications. At the core is the container, which can be embedded or for a full scale application server. There are many reusable components for hibernate, form processing, jndi, i18n, velocity, etc. Plexus also includes an application server which is like a J2EE application server, without all the baggage.
Security Fix(es):
* org.codehaus.plexus:plexus-utils: Plexus-utils: Directory Traversal in extractFile method (CVE-2025-67030)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
| Architecture |
Package |
Checksum |
| noarch |
plexus-utils-3.3.0-14.el9_8.noarch.rpm |
83674d69aca9951f1245d4c6899f7352451489b852ed1df7ec085e28cbb56cf7 |