Skip to main content

Plexus Archiver

2 CVEs product

Monthly

CVE-2023-37460 Maven CRITICAL POC PATCH Act Now

Plexis Archiver is a collection of Plexus components to create archives or extract archives to a directory with a unified `Archiver`/`UnArchiver` API. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

RCE Path Traversal Plexus Archiver
NVD GitHub
CVSS 3.1
9.8
EPSS
2.1%
CVE-2018-1002200 Maven MEDIUM POC PATCH THREAT This Month

plexus-archiver before 3.6.0 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in an archive entry that is mishandled during extraction. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Path Traversal Plexus Archiver Debian Linux Enterprise Linux Enterprise Linux Desktop +1
NVD GitHub
CVSS 3.0
5.5
EPSS
13.2%
EPSS 2% CVSS 9.8
CRITICAL POC PATCH Act Now

Plexis Archiver is a collection of Plexus components to create archives or extract archives to a directory with a unified `Archiver`/`UnArchiver` API. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

RCE Path Traversal Plexus Archiver
NVD GitHub
EPSS 13% CVSS 5.5
MEDIUM POC PATCH THREAT This Month

plexus-archiver before 3.6.0 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in an archive entry that is mishandled during extraction. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Path Traversal Plexus Archiver Debian Linux +3
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy