Debian Linux Security Advisory 4227-1 - Danny Grander discovered a directory traversal flaw in plexus-archiver, an Archiver plugin for the Plexus compiler system, allowing an attacker to overwrite any file writable by the extracting user via a specially crafted Zip archive.
d3c1914fa737a19cb224ebf254a1293a2fbcf359167e4cefcdf083b95a676440
Red Hat Security Advisory 2018-1837-01 - The Plexus project provides a full software stack for creating and executing software projects. Based on the Plexus container, the applications can utilise component-oriented programming to build modular, reusable components that can easily be assembled and reused. The plexus-archiver component provides functions to create and extract archives. Issues addressed include a code execution vulnerability.
ee3ffaa0d5cbc982763349c049fa7b83f3cb697d6aa52cf12b950d0a580f92f7
Red Hat Security Advisory 2018-1836-01 - The Plexus project provides a full software stack for creating and executing software projects. Based on the Plexus container, the applications can utilise component-oriented programming to build modular, reusable components that can easily be assembled and reused. The plexus-archiver component provides functions to create and extract archives. Issues addressed include a code execution vulnerability.
44860545987c2bda0584dc5b5b2c7f7dc7b5e84c8107536963397effe4e2eead