[Apollo] Advisories Statistics light light Login

RLSA-2026:40841

Security Mirrored from RHSA-2026:40841
Issued at: 2026-07-16
Updated at: 2026-07-16

Synopsis

Important: maven:3.8 security update



Description

Maven is a software project management and comprehension tool. Based on the concept of a project object model (POM), Maven can manage a project's build, reporting and documentation from a central piece of information.

Security Fix(es):

* org.codehaus.plexus:plexus-utils: Plexus-utils: Directory Traversal in extractFile method (CVE-2025-67030)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.



Affected products

Rocky Linux 8 aarch64 Rocky Linux 8 x86_64

Fixes

2451409

CVEs

CVE-2025-67030

Affected packages

Rocky Linux 8 aarch64 - AppStream

apache-commons-cli-0:1.5.0-5.module+el8.10.0+1811+d28a527b.noarch.rpm apache-commons-cli-0:1.5.0-5.module+el8.10.0+1811+d28a527b.src.rpm apache-commons-codec-0:1.15-8.module+el8.10.0+1811+d28a527b.noarch.rpm apache-commons-codec-0:1.15-8.module+el8.10.0+1811+d28a527b.src.rpm apache-commons-io-1:2.11.0-3.module+el8.10.0+1811+d28a527b.noarch.rpm apache-commons-io-1:2.11.0-3.module+el8.10.0+1811+d28a527b.src.rpm apache-commons-lang3-0:3.12.0-8.module+el8.10.0+1811+d28a527b.noarch.rpm apache-commons-lang3-0:3.12.0-8.module+el8.10.0+1811+d28a527b.src.rpm atinject-0:1.0.5-5.module+el8.10.0+1811+d28a527b.noarch.rpm atinject-0:1.0.5-5.module+el8.10.0+1811+d28a527b.src.rpm cdi-api-0:2.0.2-7.module+el8.10.0+1811+d28a527b.noarch.rpm cdi-api-0:2.0.2-7.module+el8.10.0+1811+d28a527b.src.rpm google-guice-0:4.2.3-10.module+el8.10.0+1811+d28a527b.noarch.rpm google-guice-0:4.2.3-10.module+el8.10.0+1811+d28a527b.src.rpm guava-0:31.0.1-5.module+el8.10.0+1811+d28a527b.noarch.rpm guava-0:31.0.1-5.module+el8.10.0+1811+d28a527b.src.rpm httpcomponents-client-0:4.5.13-6.module+el8.10.0+1811+d28a527b.noarch.rpm httpcomponents-client-0:4.5.13-6.module+el8.10.0+1811+d28a527b.src.rpm httpcomponents-core-0:4.4.13-8.module+el8.10.0+1811+d28a527b.noarch.rpm httpcomponents-core-0:4.4.13-8.module+el8.10.0+1811+d28a527b.src.rpm jakarta-annotations-0:1.3.5-15.module+el8.10.0+1811+d28a527b.noarch.rpm jakarta-annotations-0:1.3.5-15.module+el8.10.0+1811+d28a527b.src.rpm jansi-0:2.4.0-7.module+el8.10.0+1811+d28a527b.aarch64.rpm jansi-0:2.4.0-7.module+el8.10.0+1811+d28a527b.src.rpm jansi-debuginfo-0:2.4.0-7.module+el8.10.0+1811+d28a527b.aarch64.rpm jansi-debugsource-0:2.4.0-7.module+el8.10.0+1811+d28a527b.aarch64.rpm jcl-over-slf4j-0:1.7.32-5.module+el8.10.0+1811+d28a527b.noarch.rpm jsr-305-0:3.0.2-7.module+el8.10.0+1811+d28a527b.noarch.rpm jsr-305-0:3.0.2-7.module+el8.10.0+1811+d28a527b.src.rpm maven-1:3.8.5-6.module+el8.10.0+1811+d28a527b.noarch.rpm maven-1:3.8.5-6.module+el8.10.0+1811+d28a527b.src.rpm maven-lib-1:3.8.5-6.module+el8.10.0+1811+d28a527b.noarch.rpm maven-openjdk11-1:3.8.5-6.module+el8.10.0+1811+d28a527b.noarch.rpm maven-openjdk17-1:3.8.5-6.module+el8.10.0+1811+d28a527b.noarch.rpm maven-openjdk21-1:3.8.5-6.module+el8.10.0+1811+d28a527b.noarch.rpm maven-openjdk8-1:3.8.5-6.module+el8.10.0+1811+d28a527b.noarch.rpm maven-resolver-1:1.7.3-6.module+el8.10.0+1811+d28a527b.noarch.rpm maven-resolver-1:1.7.3-6.module+el8.10.0+1811+d28a527b.src.rpm maven-shared-utils-0:3.3.4-6.module+el8.10.0+1811+d28a527b.noarch.rpm maven-shared-utils-0:3.3.4-6.module+el8.10.0+1811+d28a527b.src.rpm maven-wagon-0:3.5.1-3.module+el8.10.0+1811+d28a527b.noarch.rpm maven-wagon-0:3.5.1-3.module+el8.10.0+1811+d28a527b.src.rpm plexus-cipher-0:2.0-3.module+el8.10.0+1811+d28a527b.noarch.rpm plexus-cipher-0:2.0-3.module+el8.10.0+1811+d28a527b.src.rpm plexus-classworlds-0:2.6.0-13.module+el8.10.0+1811+d28a527b.noarch.rpm plexus-classworlds-0:2.6.0-13.module+el8.10.0+1811+d28a527b.src.rpm plexus-containers-0:2.1.1-3.module+el8.10.0+1811+d28a527b.src.rpm plexus-containers-component-annotations-0:2.1.1-3.module+el8.10.0+1811+d28a527b.noarch.rpm plexus-interpolation-0:1.26-13.module+el8.10.0+1811+d28a527b.noarch.rpm plexus-interpolation-0:1.26-13.module+el8.10.0+1811+d28a527b.src.rpm plexus-sec-dispatcher-0:2.0-5.module+el8.10.0+1811+d28a527b.noarch.rpm plexus-sec-dispatcher-0:2.0-5.module+el8.10.0+1811+d28a527b.src.rpm plexus-utils-0:3.3.0-11.module+el8.10.0+1811+d28a527b.noarch.rpm plexus-utils-0:3.3.0-11.module+el8.10.0+1811+d28a527b.src.rpm sisu-1:0.3.5-3.module+el8.10.0+1811+d28a527b.noarch.rpm sisu-1:0.3.5-3.module+el8.10.0+1811+d28a527b.src.rpm slf4j-0:1.7.32-5.module+el8.10.0+1811+d28a527b.noarch.rpm slf4j-0:1.7.32-5.module+el8.10.0+1811+d28a527b.src.rpm

Rocky Linux 8 x86_64 - AppStream

jansi-0:2.4.0-7.module+el8.10.0+1811+d28a527b.x86_64.rpm jansi-debuginfo-0:2.4.0-7.module+el8.10.0+1811+d28a527b.x86_64.rpm jansi-debugsource-0:2.4.0-7.module+el8.10.0+1811+d28a527b.x86_64.rpm