VYPR
High severity8.8NVD Advisory· Published Mar 25, 2026· Updated May 1, 2026

CVE-2025-67030

CVE-2025-67030

Description

Directory Traversal vulnerability in the extractFile method of org.codehaus.plexus.util.Expand in plexus-utils before 6d780b3378829318ba5c2d29547e0012d5b29642. This allows an attacker to execute arbitrary code

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
org.codehaus.plexus:plexus-utilsMaven
>= 4.0.0, < 4.0.34.0.3
org.codehaus.plexus:plexus-utilsMaven
< 3.6.13.6.1

Affected products

48

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.