Search for packages
Package details: pkg:maven/org.codehaus.plexus/plexus-utils@3.0.16
purl pkg:maven/org.codehaus.plexus/plexus-utils@3.0.16
Next non-vulnerable version 3.0.24
Latest non-vulnerable version 3.0.24
Risk 4.0
Vulnerabilities affecting this package (2)
Vulnerability Summary Fixed by
VCID-2upq-2rss-aaag
Aliases:
CVE-2022-4245
GHSA-jcwr-x25h-x5fh
A flaw was found in codehaus-plexus. The org.codehaus.plexus.util.xml.XmlWriterUtil#writeComment fails to sanitize comments for a --> sequence. This issue means that text contained in the command string could be interpreted as XML and allow for XML injection.
3.0.24
Affected by 0 other vulnerabilities.
VCID-zj3u-yaat-aaaj
Aliases:
CVE-2022-4244
GHSA-g6ph-x5wf-g337
A flaw was found in codeplex-codehaus. A directory traversal attack (also known as path traversal) aims to access files and directories stored outside the intended folder. By manipulating files with "dot-dot-slash (../)" sequences and their variations or by using absolute file paths, it may be possible to access arbitrary files and directories stored on the file system, including application source code, configuration, and other critical system files.
3.0.24
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-7vqc-rq31-aaaq OS Command Injection Plexus-utils is vulnerable to command injection because it does not correctly process the contents of double quoted strings. CVE-2017-1000487
GHSA-8vhq-qq4p-grq3

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-20T16:43:39.347205+00:00 GitLab Importer Affected by VCID-zj3u-yaat-aaaj https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.codehaus.plexus/plexus-utils/CVE-2022-4244.yml 36.1.3
2025-06-20T16:43:38.292459+00:00 GitLab Importer Affected by VCID-2upq-2rss-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.codehaus.plexus/plexus-utils/CVE-2022-4245.yml 36.1.3
2025-06-20T16:43:36.635665+00:00 GitLab Importer Affected by VCID-zj3u-yaat-aaaj None 36.1.3
2025-06-20T16:43:36.447511+00:00 GitLab Importer Affected by VCID-2upq-2rss-aaag None 36.1.3
2025-06-20T13:59:35.864948+00:00 GitLab Importer Fixing VCID-7vqc-rq31-aaaq None 36.1.3
2025-06-20T13:59:32.879206+00:00 GitLab Importer Fixing VCID-7vqc-rq31-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.codehaus.plexus/plexus-utils/CVE-2017-1000487.yml 36.1.3
2025-06-03T23:21:55.343464+00:00 GitLab Importer Affected by VCID-zj3u-yaat-aaaj https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.codehaus.plexus/plexus-utils/CVE-2022-4244.yml 36.1.0
2025-06-03T23:21:54.510074+00:00 GitLab Importer Affected by VCID-2upq-2rss-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.codehaus.plexus/plexus-utils/CVE-2022-4245.yml 36.1.0
2025-06-03T23:21:53.310315+00:00 GitLab Importer Affected by VCID-zj3u-yaat-aaaj None 36.1.0
2025-06-03T23:21:53.155358+00:00 GitLab Importer Affected by VCID-2upq-2rss-aaag None 36.1.0
2025-06-03T20:51:33.230346+00:00 GitLab Importer Fixing VCID-7vqc-rq31-aaaq None 36.1.0
2025-06-03T20:51:30.435442+00:00 GitLab Importer Fixing VCID-7vqc-rq31-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.codehaus.plexus/plexus-utils/CVE-2017-1000487.yml 36.1.0
2025-06-02T23:19:09.435968+00:00 GitLab Importer Affected by VCID-zj3u-yaat-aaaj https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.codehaus.plexus/plexus-utils/CVE-2022-4244.yml 36.1.2
2025-06-02T23:19:08.570272+00:00 GitLab Importer Affected by VCID-2upq-2rss-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.codehaus.plexus/plexus-utils/CVE-2022-4245.yml 36.1.2
2025-06-02T23:19:07.251488+00:00 GitLab Importer Affected by VCID-zj3u-yaat-aaaj None 36.1.2
2025-06-02T23:19:07.110492+00:00 GitLab Importer Affected by VCID-2upq-2rss-aaag None 36.1.2
2025-06-02T20:31:16.420241+00:00 GitLab Importer Fixing VCID-7vqc-rq31-aaaq None 36.1.2
2025-06-02T20:31:13.366562+00:00 GitLab Importer Fixing VCID-7vqc-rq31-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.codehaus.plexus/plexus-utils/CVE-2017-1000487.yml 36.1.2
2025-04-03T21:36:36.598138+00:00 GitLab Importer Affected by VCID-zj3u-yaat-aaaj https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.codehaus.plexus/plexus-utils/CVE-2022-4244.yml 36.0.0
2025-04-03T21:36:34.430773+00:00 GitLab Importer Affected by VCID-2upq-2rss-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.codehaus.plexus/plexus-utils/CVE-2022-4245.yml 36.0.0
2025-04-03T21:36:31.136168+00:00 GitLab Importer Affected by VCID-zj3u-yaat-aaaj None 36.0.0
2025-04-03T21:36:30.742035+00:00 GitLab Importer Affected by VCID-2upq-2rss-aaag None 36.0.0
2025-04-03T16:46:52.803816+00:00 GitLab Importer Fixing VCID-7vqc-rq31-aaaq None 36.0.0
2025-04-03T16:46:46.712047+00:00 GitLab Importer Fixing VCID-7vqc-rq31-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.codehaus.plexus/plexus-utils/CVE-2017-1000487.yml 36.0.0
2025-02-18T06:41:12.449580+00:00 GitLab Importer Affected by VCID-2upq-2rss-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.codehaus.plexus/plexus-utils/CVE-2022-4245.yml 35.1.0
2025-02-18T06:41:12.060911+00:00 GitLab Importer Affected by VCID-2upq-2rss-aaag None 35.1.0
2025-02-18T06:22:15.409464+00:00 GitLab Importer Affected by VCID-zj3u-yaat-aaaj None 35.1.0
2025-02-18T06:22:15.018660+00:00 GitLab Importer Affected by VCID-zj3u-yaat-aaaj https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.codehaus.plexus/plexus-utils/CVE-2022-4244.yml 35.1.0
2025-02-17T22:32:31.420297+00:00 GitLab Importer Fixing VCID-7vqc-rq31-aaaq None 35.1.0
2025-02-17T22:32:31.081384+00:00 GitLab Importer Fixing VCID-7vqc-rq31-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.codehaus.plexus/plexus-utils/CVE-2017-1000487.yml 35.1.0
2025-01-17T02:30:24.350269+00:00 GHSA Importer Fixing VCID-7vqc-rq31-aaaq None 35.1.0
2024-11-21T02:37:20.731674+00:00 GitLab Importer Affected by VCID-2upq-2rss-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.codehaus.plexus/plexus-utils/CVE-2022-4245.yml 35.0.0
2024-11-21T02:22:28.693483+00:00 GitLab Importer Affected by VCID-zj3u-yaat-aaaj https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.codehaus.plexus/plexus-utils/CVE-2022-4244.yml 35.0.0
2024-11-20T21:58:41.791018+00:00 GitLab Importer Fixing VCID-7vqc-rq31-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.codehaus.plexus/plexus-utils/CVE-2017-1000487.yml 35.0.0
2024-11-19T02:27:28.736808+00:00 GitLab Importer Affected by VCID-2upq-2rss-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.codehaus.plexus/plexus-utils/CVE-2022-4245.yml 34.3.2
2024-11-19T02:12:44.046744+00:00 GitLab Importer Affected by VCID-zj3u-yaat-aaaj https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.codehaus.plexus/plexus-utils/CVE-2022-4244.yml 34.3.2
2024-11-18T21:55:51.977943+00:00 GitLab Importer Fixing VCID-7vqc-rq31-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.codehaus.plexus/plexus-utils/CVE-2017-1000487.yml 34.3.2
2024-10-11T13:58:23.210075+00:00 GithubOSV Importer Fixing VCID-7vqc-rq31-aaaq https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-8vhq-qq4p-grq3/GHSA-8vhq-qq4p-grq3.json 34.0.2
2024-10-08T03:02:20.447135+00:00 GitLab Importer Affected by VCID-2upq-2rss-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.codehaus.plexus/plexus-utils/CVE-2022-4245.yml 34.0.2
2024-10-08T02:46:57.153514+00:00 GitLab Importer Affected by VCID-zj3u-yaat-aaaj https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.codehaus.plexus/plexus-utils/CVE-2022-4244.yml 34.0.2
2024-10-07T22:56:02.969903+00:00 GitLab Importer Fixing VCID-7vqc-rq31-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.codehaus.plexus/plexus-utils/CVE-2017-1000487.yml 34.0.2
2024-10-07T20:56:04.905538+00:00 GHSA Importer Affected by VCID-2upq-2rss-aaag https://github.com/advisories/GHSA-jcwr-x25h-x5fh 34.0.2
2024-10-07T20:56:04.499836+00:00 GHSA Importer Affected by VCID-zj3u-yaat-aaaj https://github.com/advisories/GHSA-g6ph-x5wf-g337 34.0.2
2024-10-07T17:14:05.502590+00:00 GHSA Importer Fixing VCID-7vqc-rq31-aaaq https://github.com/advisories/GHSA-8vhq-qq4p-grq3 34.0.2
2024-09-23T02:52:12.549822+00:00 GitLab Importer Affected by VCID-2upq-2rss-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.codehaus.plexus/plexus-utils/CVE-2022-4245.yml 34.0.1
2024-09-23T02:44:36.266441+00:00 GitLab Importer Affected by VCID-zj3u-yaat-aaaj https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.codehaus.plexus/plexus-utils/CVE-2022-4244.yml 34.0.1
2024-09-22T21:33:15.153033+00:00 GHSA Importer Affected by VCID-2upq-2rss-aaag https://github.com/advisories/GHSA-jcwr-x25h-x5fh 34.0.1
2024-09-22T21:33:14.757813+00:00 GHSA Importer Affected by VCID-zj3u-yaat-aaaj https://github.com/advisories/GHSA-g6ph-x5wf-g337 34.0.1
2024-09-18T09:13:14.684829+00:00 GithubOSV Importer Fixing VCID-7vqc-rq31-aaaq https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-8vhq-qq4p-grq3/GHSA-8vhq-qq4p-grq3.json 34.0.1
2024-09-17T22:38:29.386565+00:00 GitLab Importer Fixing VCID-7vqc-rq31-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.codehaus.plexus/plexus-utils/CVE-2017-1000487.yml 34.0.1
2024-09-17T22:04:30.521621+00:00 GHSA Importer Fixing VCID-7vqc-rq31-aaaq https://github.com/advisories/GHSA-8vhq-qq4p-grq3 34.0.1
2024-04-24T05:31:02.168315+00:00 GitLab Importer Affected by VCID-2upq-2rss-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.codehaus.plexus/plexus-utils/CVE-2022-4245.yml 34.0.0rc4
2024-04-24T05:31:01.759568+00:00 GitLab Importer Affected by VCID-2upq-2rss-aaag None 34.0.0rc4
2024-04-24T05:17:13.375084+00:00 GitLab Importer Affected by VCID-zj3u-yaat-aaaj None 34.0.0rc4
2024-04-24T05:17:12.961270+00:00 GitLab Importer Affected by VCID-zj3u-yaat-aaaj https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.codehaus.plexus/plexus-utils/CVE-2022-4244.yml 34.0.0rc4
2024-04-24T01:07:19.229475+00:00 GitLab Importer Fixing VCID-7vqc-rq31-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.codehaus.plexus/plexus-utils/CVE-2017-1000487.yml 34.0.0rc4
2024-04-24T01:07:18.876128+00:00 GitLab Importer Fixing VCID-7vqc-rq31-aaaq None 34.0.0rc4
2024-04-23T23:45:19.191551+00:00 GHSA Importer Affected by VCID-2upq-2rss-aaag None 34.0.0rc4
2024-04-23T23:45:18.777674+00:00 GHSA Importer Affected by VCID-2upq-2rss-aaag https://github.com/advisories/GHSA-jcwr-x25h-x5fh 34.0.0rc4
2024-04-23T23:45:18.366182+00:00 GHSA Importer Affected by VCID-zj3u-yaat-aaaj https://github.com/advisories/GHSA-g6ph-x5wf-g337 34.0.0rc4
2024-04-23T23:45:17.954643+00:00 GHSA Importer Affected by VCID-zj3u-yaat-aaaj None 34.0.0rc4
2024-04-23T23:08:18.753691+00:00 GithubOSV Importer Fixing VCID-7vqc-rq31-aaaq https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-8vhq-qq4p-grq3/GHSA-8vhq-qq4p-grq3.json 34.0.0rc4
2024-04-23T18:34:03.155472+00:00 GHSA Importer Fixing VCID-7vqc-rq31-aaaq None 34.0.0rc4
2024-04-23T18:34:02.754129+00:00 GHSA Importer Fixing VCID-7vqc-rq31-aaaq https://github.com/advisories/GHSA-8vhq-qq4p-grq3 34.0.0rc4
2024-01-10T08:02:54.050036+00:00 GitLab Importer Affected by VCID-2upq-2rss-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.codehaus.plexus/plexus-utils/CVE-2022-4245.yml 34.0.0rc2
2024-01-10T08:02:53.638338+00:00 GitLab Importer Affected by VCID-2upq-2rss-aaag None 34.0.0rc2
2024-01-10T07:48:48.969395+00:00 GitLab Importer Affected by VCID-zj3u-yaat-aaaj None 34.0.0rc2
2024-01-10T07:48:48.544601+00:00 GitLab Importer Affected by VCID-zj3u-yaat-aaaj https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.codehaus.plexus/plexus-utils/CVE-2022-4244.yml 34.0.0rc2
2024-01-10T03:33:19.707946+00:00 GitLab Importer Fixing VCID-7vqc-rq31-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.codehaus.plexus/plexus-utils/CVE-2017-1000487.yml 34.0.0rc2
2024-01-10T03:33:19.351865+00:00 GitLab Importer Fixing VCID-7vqc-rq31-aaaq None 34.0.0rc2
2024-01-10T01:47:34.663837+00:00 GHSA Importer Affected by VCID-2upq-2rss-aaag None 34.0.0rc2
2024-01-10T01:47:34.253568+00:00 GHSA Importer Affected by VCID-2upq-2rss-aaag https://github.com/advisories/GHSA-jcwr-x25h-x5fh 34.0.0rc2
2024-01-10T01:47:33.839900+00:00 GHSA Importer Affected by VCID-zj3u-yaat-aaaj https://github.com/advisories/GHSA-g6ph-x5wf-g337 34.0.0rc2
2024-01-10T01:47:33.429083+00:00 GHSA Importer Affected by VCID-zj3u-yaat-aaaj None 34.0.0rc2
2024-01-09T20:27:31.663525+00:00 GHSA Importer Fixing VCID-7vqc-rq31-aaaq None 34.0.0rc2
2024-01-09T20:27:31.270350+00:00 GHSA Importer Fixing VCID-7vqc-rq31-aaaq https://github.com/advisories/GHSA-8vhq-qq4p-grq3 34.0.0rc2
2024-01-04T00:48:05.398414+00:00 GitLab Importer Affected by VCID-2upq-2rss-aaag https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.codehaus.plexus/plexus-utils/CVE-2022-4245.yml 34.0.0rc1
2024-01-04T00:48:04.983229+00:00 GitLab Importer Affected by VCID-2upq-2rss-aaag None 34.0.0rc1
2024-01-04T00:33:59.323828+00:00 GitLab Importer Affected by VCID-zj3u-yaat-aaaj None 34.0.0rc1
2024-01-04T00:33:58.908707+00:00 GitLab Importer Affected by VCID-zj3u-yaat-aaaj https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.codehaus.plexus/plexus-utils/CVE-2022-4244.yml 34.0.0rc1
2024-01-03T20:09:51.702761+00:00 GitLab Importer Fixing VCID-7vqc-rq31-aaaq None 34.0.0rc1
2024-01-03T18:01:14.406440+00:00 GitLab Importer Fixing VCID-7vqc-rq31-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.codehaus.plexus/plexus-utils/CVE-2017-1000487.yml 34.0.0rc1
2024-01-03T17:39:20.212151+00:00 GHSA Importer Fixing VCID-7vqc-rq31-aaaq https://github.com/advisories/GHSA-8vhq-qq4p-grq3 34.0.0rc1
2024-01-03T15:45:54.247205+00:00 GHSA Importer Fixing VCID-7vqc-rq31-aaaq None 34.0.0rc1