Download
| Alert*
|
oval:org.secpod.oval:def:1502243
plexus-archiver is installed oval:org.secpod.oval:def:114634 The Plexus project seeks to create end-to-end developer tools for writing applications. At the core is the container, which can be embedded or for a full scale application server. There are many reusable components for hibernate, form processing, jndi, i18n, velocity, etc. Plexus also includes an ap ... oval:org.secpod.oval:def:1502242 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:114633 The Plexus project seeks to create end-to-end developer tools for writing applications. At the core is the container, which can be embedded or for a full scale application server. There are many reusable components for hibernate, form processing, jndi, i18n, velocity, etc. Plexus also includes an ap ... oval:org.secpod.oval:def:204834 The Plexus project provides a full software stack for creating and executing software projects. Based on the Plexus container, the applications can utilise component-oriented programming to build modular, reusable components that can easily be assembled and reused. The plexus-archiver component prov ... oval:org.secpod.oval:def:1700057 A path traversal vulnerability has been discovered in plexus-archiver when extracting a carefully crafted zip file which holds path traversal file names. A remote attacker could use this vulnerability to write files outside the target directory and overwrite existing files with malicious code or vul ... oval:org.secpod.oval:def:1507144 [0:2.4.2-6] - Avoid override target symlink by standard file in AbstractUnArchiver - Fixes: CVE-2023-37460 oval:org.secpod.oval:def:19500477 Plexis Archiver is a collection of Plexus components to create archives or extract archives to a directory with a unified 'Archiver'/'UnArchiver' API. Prior to version 4.8.0, using AbstractUnArchiver for extracting an archive might lead to an arbitrary file creation and possibly remote code executio ... |
