Red Hat Security Advisory: plexus-archiver security update
Advisory ID: SLSA-2023:6886
Issue Date: 2023-11-13
CVE Numbers: CVE-2023-37460
—
The Plexus project provides a full software stack for creating and executing software projects. Based on the Plexus container, the applications can utilise component-oriented programming to build modular, reusable components that can easily be assembled and reused. The plexus-archiver component provides functions to create and extract archives.
Security Fix(es):
* plexus-archiver: Arbitrary File Creation in AbstractUnArchiver (CVE-2023-37460)
—
This content is derived from https://access.redhat.com/errata/RHSA-2023:6886
—
SL7
srpm
plexus-archiver-0:2.4.2-6.el7_9.src
noarch
plexus-archiver-0:2.4.2-6.el7_9.noarch
– Scientific Linux Development Team
