Issued at: 2026-07-16
Updated at: 2026-07-16
Synopsis
Important: maven:3.8 security update
Description
Maven is a software project management and comprehension tool. Based on the concept of a project object model (POM), Maven can manage a project's build, reporting and documentation from a central piece of information.
Security Fix(es):
* org.codehaus.plexus:plexus-utils: Plexus-utils: Directory Traversal in extractFile method (CVE-2025-67030)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected products
Rocky Linux 8 aarch64
Rocky Linux 8 x86_64
Fixes
2451409
CVEs
CVE-2025-67030
Affected packages
Rocky Linux 8 aarch64 - AppStream
apache-commons-cli-0:1.5.0-5.module+el8.10.0+1811+d28a527b.noarch.rpm
apache-commons-cli-0:1.5.0-5.module+el8.10.0+1811+d28a527b.src.rpm
apache-commons-codec-0:1.15-8.module+el8.10.0+1811+d28a527b.noarch.rpm
apache-commons-codec-0:1.15-8.module+el8.10.0+1811+d28a527b.src.rpm
apache-commons-io-1:2.11.0-3.module+el8.10.0+1811+d28a527b.noarch.rpm
apache-commons-io-1:2.11.0-3.module+el8.10.0+1811+d28a527b.src.rpm
apache-commons-lang3-0:3.12.0-8.module+el8.10.0+1811+d28a527b.noarch.rpm
apache-commons-lang3-0:3.12.0-8.module+el8.10.0+1811+d28a527b.src.rpm
atinject-0:1.0.5-5.module+el8.10.0+1811+d28a527b.noarch.rpm
atinject-0:1.0.5-5.module+el8.10.0+1811+d28a527b.src.rpm
cdi-api-0:2.0.2-7.module+el8.10.0+1811+d28a527b.noarch.rpm
cdi-api-0:2.0.2-7.module+el8.10.0+1811+d28a527b.src.rpm
google-guice-0:4.2.3-10.module+el8.10.0+1811+d28a527b.noarch.rpm
google-guice-0:4.2.3-10.module+el8.10.0+1811+d28a527b.src.rpm
guava-0:31.0.1-5.module+el8.10.0+1811+d28a527b.noarch.rpm
guava-0:31.0.1-5.module+el8.10.0+1811+d28a527b.src.rpm
httpcomponents-client-0:4.5.13-6.module+el8.10.0+1811+d28a527b.noarch.rpm
httpcomponents-client-0:4.5.13-6.module+el8.10.0+1811+d28a527b.src.rpm
httpcomponents-core-0:4.4.13-8.module+el8.10.0+1811+d28a527b.noarch.rpm
httpcomponents-core-0:4.4.13-8.module+el8.10.0+1811+d28a527b.src.rpm
jakarta-annotations-0:1.3.5-15.module+el8.10.0+1811+d28a527b.noarch.rpm
jakarta-annotations-0:1.3.5-15.module+el8.10.0+1811+d28a527b.src.rpm
jansi-0:2.4.0-7.module+el8.10.0+1811+d28a527b.aarch64.rpm
jansi-0:2.4.0-7.module+el8.10.0+1811+d28a527b.src.rpm
jansi-debuginfo-0:2.4.0-7.module+el8.10.0+1811+d28a527b.aarch64.rpm
jansi-debugsource-0:2.4.0-7.module+el8.10.0+1811+d28a527b.aarch64.rpm
jcl-over-slf4j-0:1.7.32-5.module+el8.10.0+1811+d28a527b.noarch.rpm
jsr-305-0:3.0.2-7.module+el8.10.0+1811+d28a527b.noarch.rpm
jsr-305-0:3.0.2-7.module+el8.10.0+1811+d28a527b.src.rpm
maven-1:3.8.5-6.module+el8.10.0+1811+d28a527b.noarch.rpm
maven-1:3.8.5-6.module+el8.10.0+1811+d28a527b.src.rpm
maven-lib-1:3.8.5-6.module+el8.10.0+1811+d28a527b.noarch.rpm
maven-openjdk11-1:3.8.5-6.module+el8.10.0+1811+d28a527b.noarch.rpm
maven-openjdk17-1:3.8.5-6.module+el8.10.0+1811+d28a527b.noarch.rpm
maven-openjdk21-1:3.8.5-6.module+el8.10.0+1811+d28a527b.noarch.rpm
maven-openjdk8-1:3.8.5-6.module+el8.10.0+1811+d28a527b.noarch.rpm
maven-resolver-1:1.7.3-6.module+el8.10.0+1811+d28a527b.noarch.rpm
maven-resolver-1:1.7.3-6.module+el8.10.0+1811+d28a527b.src.rpm
maven-shared-utils-0:3.3.4-6.module+el8.10.0+1811+d28a527b.noarch.rpm
maven-shared-utils-0:3.3.4-6.module+el8.10.0+1811+d28a527b.src.rpm
maven-wagon-0:3.5.1-3.module+el8.10.0+1811+d28a527b.noarch.rpm
maven-wagon-0:3.5.1-3.module+el8.10.0+1811+d28a527b.src.rpm
plexus-cipher-0:2.0-3.module+el8.10.0+1811+d28a527b.noarch.rpm
plexus-cipher-0:2.0-3.module+el8.10.0+1811+d28a527b.src.rpm
plexus-classworlds-0:2.6.0-13.module+el8.10.0+1811+d28a527b.noarch.rpm
plexus-classworlds-0:2.6.0-13.module+el8.10.0+1811+d28a527b.src.rpm
plexus-containers-0:2.1.1-3.module+el8.10.0+1811+d28a527b.src.rpm
plexus-containers-component-annotations-0:2.1.1-3.module+el8.10.0+1811+d28a527b.noarch.rpm
plexus-interpolation-0:1.26-13.module+el8.10.0+1811+d28a527b.noarch.rpm
plexus-interpolation-0:1.26-13.module+el8.10.0+1811+d28a527b.src.rpm
plexus-sec-dispatcher-0:2.0-5.module+el8.10.0+1811+d28a527b.noarch.rpm
plexus-sec-dispatcher-0:2.0-5.module+el8.10.0+1811+d28a527b.src.rpm
plexus-utils-0:3.3.0-11.module+el8.10.0+1811+d28a527b.noarch.rpm
plexus-utils-0:3.3.0-11.module+el8.10.0+1811+d28a527b.src.rpm
sisu-1:0.3.5-3.module+el8.10.0+1811+d28a527b.noarch.rpm
sisu-1:0.3.5-3.module+el8.10.0+1811+d28a527b.src.rpm
slf4j-0:1.7.32-5.module+el8.10.0+1811+d28a527b.noarch.rpm
slf4j-0:1.7.32-5.module+el8.10.0+1811+d28a527b.src.rpm
Rocky Linux 8 x86_64 - AppStream
jansi-0:2.4.0-7.module+el8.10.0+1811+d28a527b.x86_64.rpm
jansi-debuginfo-0:2.4.0-7.module+el8.10.0+1811+d28a527b.x86_64.rpm
jansi-debugsource-0:2.4.0-7.module+el8.10.0+1811+d28a527b.x86_64.rpm