{"id":"RHSA-2018:1837","summary":"Red Hat Security Advisory: rh-maven33-plexus-archiver and rh-maven35-plexus-archiver security update","modified":"2026-03-19T10:30:27.020412Z","published":"2024-09-13T16:51:51Z","upstream":["CVE-2018-1002200"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2018:1837"},{"type":"ARTICLE","url":"https://access.redhat.com/security/updates/classification/#important"},{"type":"ARTICLE","url":"https://snyk.io/research/zip-slip-vulnerability"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1584392"},{"type":"ADVISORY","url":"https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1837.json"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2018-1002200"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2018-1002200"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2018-1002200"}],"affected":[{"package":{"name":"rh-maven33-plexus-archiver","ecosystem":"Red Hat:rhel_software_collections:3::el6","purl":"pkg:rpm/redhat/rh-maven33-plexus-archiver"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.4.2-5.1.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2018:1837.json"}},{"package":{"name":"rh-maven33-plexus-archiver-javadoc","ecosystem":"Red Hat:rhel_software_collections:3::el6","purl":"pkg:rpm/redhat/rh-maven33-plexus-archiver-javadoc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.4.2-5.1.el6"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2018:1837.json"}},{"package":{"name":"rh-maven35-plexus-archiver","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-maven35-plexus-archiver"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.4-4.1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2018:1837.json"}},{"package":{"name":"rh-maven35-plexus-archiver-javadoc","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-maven35-plexus-archiver-javadoc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.4-4.1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2018:1837.json"}},{"package":{"name":"rh-maven33-plexus-archiver","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-maven33-plexus-archiver"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.4.2-5.1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2018:1837.json"}},{"package":{"name":"rh-maven33-plexus-archiver-javadoc","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-maven33-plexus-archiver-javadoc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.4.2-5.1.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2018:1837.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}]}