pkg:maven/org.pf4j/pf4j
Type
maven
Namespace
org.pf4j
Name
pf4j
Known advisories, vulnerabilities and fixes for org.pf4j/pf4j package.
High
3
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | <= 3.9.0 |
CVE-2023-40826
|
MAVEN:GHSA-3R28-RGP9-QGV4 | pf4j vulnerable to remote code execution via the zippluginPath parameter | high |
2023-08-29T00:32:04
(12 months ago) |
|
Affected | <= 3.9.0 |
CVE-2023-40828
|
MAVEN:GHSA-CJ8W-V588-P8WX | pf4j vulnerable to remote code execution via expandIfZip method in the extract function | high |
2023-08-29T00:32:04
(12 months ago) |
|
Affected | <= 3.9.0 |
CVE-2023-40827
|
MAVEN:GHSA-RVM8-J2CP-J592 | pf4j vulnerable to remote code execution via loadpluginPath parameter | high |
2023-08-29T00:32:04
(12 months ago) |