CVE-2025-67030

ADVISORY - github

Summary

Directory Traversal vulnerability in the extractFile method of org.codehaus.plexus.util.Expand in plexus-utils before 6d780b3378829318ba5c2d29547e0012d5b29642. This allows an attacker to execute arbitrary code

EPSS Score⁠: 0.00043 (0.133)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-22⁠

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

ADVISORY - github

CWE-22⁠

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

ADVISORY - redhat

CWE-22⁠

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Impacted images

Advisories

NIST

CREATED

2 days ago

UPDATED

9 hours ago

ADVISORY IDCVE-2025-67030⁠

EXPLOITABILITY SCORE

2.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-22⁠

CVSS SCORE

8.8high

GitHub

CREATED

2 days ago

UPDATED

10 hours ago

ADVISORY IDGHSA-6fmv-xxpf-w3cw⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-22⁠

CVSS SCORE

N/Ahigh

Ubuntu

CREATED

1 day ago

UPDATED

1 day ago

ADVISORY IDCVE-2025-67030⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Red Hat

CREATED

3 days ago

UPDATED

2 days ago

ADVISORY IDCVE-2025-67030⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-22⁠

CVSS SCORE

8.3high