Description

Directory Traversal vulnerability in the extractFile method of org.codehaus.plexus.util.Expand in plexus-utils before 6d780b3378829318ba5c2d29547e0012d5b29642. This allows an attacker to execute arbitrary code

INFO

Published Date :

2026-03-25T00:00:00.000Z

Last Modified :

2026-03-27T19:34:53.752Z

Source :

mitre
AFFECTED PRODUCTS

The following products are affected by CVE-2025-67030 vulnerability.

Vendors Products
Codehaus-plexus
  • Plexus-utils
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-67030.

URL Resource
https://gist.github.com/weaver4VD/3216dac645220f8c9b488362f61241ec cve-icon cve-icon cve-icon
https://github.com/codehaus-plexus/plexus-utils/commit/6d780b3378829318ba5c2d29547e0012d5b29642 cve-icon cve-icon cve-icon
https://github.com/codehaus-plexus/plexus-utils/issues/294 cve-icon cve-icon cve-icon
https://github.com/codehaus-plexus/plexus-utils/pull/295 cve-icon cve-icon cve-icon
https://github.com/codehaus-plexus/plexus-utils/pull/296 cve-icon cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-67030 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-67030 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact