Skip to main content

N A CVE-2025-67030

| EUVDEUVD-2025-209002 HIGH
Path Traversal (CWE-22)
2026-03-25 mitre GHSA-6fmv-xxpf-w3cw
8.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
8.8 HIGH
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
SUSE
7.3 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Red Hat
8.3 HIGH
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

4
Patch released
Mar 31, 2026 - 21:13 nvd
Patch available
EUVD ID Assigned
Mar 25, 2026 - 18:01 euvd
EUVD-2025-209002
Analysis Generated
Mar 25, 2026 - 18:01 vuln.today
CVE Published
Mar 25, 2026 - 00:00 nvd
HIGH 8.8

Blast Radius

ecosystem impact
† from your stack dependencies † transitive graph · vuln.today resolves 4-path depth
  • 1,127 maven packages depend on org.codehaus.plexus:plexus-utils (211 direct, 925 indirect)

Ecosystem-wide dependent count for version 4.0.0.

DescriptionNVD

Directory Traversal vulnerability in the extractFile method of org.codehaus.plexus.util.Expand in plexus-utils before 6d780b3378829318ba5c2d29547e0012d5b29642. This allows an attacker to execute arbitrary code

AnalysisAI

A directory traversal vulnerability exists in the extractFile method of org.codehaus.plexus.util.Expand in plexus-utils versions prior to commit 6d780b3378829318ba5c2d29547e0012d5b29642, allowing attackers to escape the intended extraction directory and write arbitrary files to the filesystem, potentially leading to remote code execution. The vulnerability affects any application using vulnerable versions of plexus-utils for archive extraction operations. A proof-of-concept has been publicly disclosed via a GitHub Gist, and the fix has been merged into the project repository.

Technical ContextAI

plexus-utils is a widely-used utility library in the Apache Maven ecosystem, providing common functionality including archive extraction capabilities. The Expand class and its extractFile method are responsible for decompressing and extracting contents from archive files (typically ZIP or TAR formats). The vulnerability stems from insufficient validation of file paths during extraction, allowing an attacker to include path traversal sequences (such as '../' or absolute paths) within archive member filenames. This violates CWE-22 (Improper Limitation of a Pathname to a Restricted Directory - Path Traversal), a fundamental file operation security issue. When an archive with specially crafted file paths is processed, the extraction logic fails to canonicalize or validate paths before writing to disk, permitting writes outside the intended extraction directory. This is particularly critical in build automation contexts where Maven and dependent tools automatically extract archives from repositories or during dependency resolution.

RemediationAI

Update plexus-utils to the version that includes commit 6d780b3378829318ba5c2d29547e0012d5b29642 or later. For Maven-based projects, update the dependency declaration in pom.xml to the patched version and run 'mvn clean install' to rebuild. For Gradle projects, update the dependency version in build.gradle. All transitive dependencies will be updated automatically by the dependency resolver. Additionally, ensure that build environments do not process untrusted archives from external sources without cryptographic verification (GPG signatures, SHA-256 checksums from official repositories). Implement supply chain security practices such as dependency locking, private artifact repositories, and artifact scanning for malicious path patterns. Until patching is complete, review and restrict network access to Maven build agents and containerized build environments to minimize lateral movement risk if a build is compromised.

More in N A

View all
CVE-2026-31072 CRITICAL POC
9.8 May 19

Remote code execution in APScheduler (all versions through 3.10.x and 4.0.0a5) is achievable when applications deseriali

CVE-2026-36356 CRITICAL POC
9.1 May 05

Unauthenticated remote OS command injection in MeiG Smart FORGE_SLT711 cellular gateway firmware MDM9607.LE.1.0-00110-ST

CVE-2026-31071 CRITICAL POC
9.1 May 19

Unauthenticated API access in LalanaChami Pharmacy Management System (commit 5c3d028) allows remote attackers to dump al

CVE-2025-66391 HIGH POC
8.8 Jun 17

In Citrix Cloud through 2025-11-10, an account with read-only access can trigger the beginning of a workflow for write o

CVE-2026-26740 HIGH POC
8.2 Mar 18

Giflib 5.2.2 contains a buffer overflow in the EGifGCBToExtension function that fails to validate allocated memory when

CVE-2025-60464 HIGH POC
7.8 Jun 25

Denial of service in GPAC's MP4Box multimedia tool (versions before 26.02.0) arises from a use-after-free in the gf_sei_

CVE-2026-36355 HIGH POC
7.7 May 05

Arbitrary kernel memory read/write in Realtek rtl819x Jungle SDK Wi-Fi driver allows local unprivileged attackers to acc

CVE-2025-60474 HIGH POC
7.5 Jun 24

Denial of service in GPAC's MP4Box/libgpac media importer (versions before 26.02.0) lets an attacker crash the tool by s

CVE-2026-38639 HIGH POC
7.5 Jun 26

An issue in the parse_month function (/time/strptime.rs) of relibc commit ab6a2e allows attackers to cause a Denial of S

CVE-2026-38641 HIGH POC
7.5 Jun 26

Denial of service in relibc (the Redox OS C standard library) at commit 61f42d allows attackers to crash a process by ge

CVE-2026-38637 HIGH POC
7.5 Jun 25

An issue in the pthread_rwlockattr_setpshared() function of relibc commit 61f42d allows attackers to cause a Denial of S

CVE-2026-38640 HIGH POC
7.5 Jun 25

Denial of service in relibc (the Redox OS C standard library implementation, commit 61f42d) lets attackers crash a proce

Vendor StatusVendor

SUSE

Severity: High
Product Status
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise High Performance Computing 15 SP7 Fixed
SUSE Linux Enterprise Module for Development Tools 15 SP7 Fixed
SUSE Linux Enterprise Server 15 SP7 Fixed
SUSE Linux Enterprise Server 16.0 Fixed

Share

CVE-2025-67030 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy