Red Hat Security Advisory: plexus-archiver security update Advisory ID: SLSA-2023:6886 Issue Date: 2023-11-13 CVE Numbers: CVE-2023-37460 -- The Plexus project provides a full software stack for creating and executing software projects. Based on the Plexus container, the applications can utilise component-oriented programming to build modular, reusable components that can easily be assembled and reused. The plexus-archiver component provides functions to create and extract archives. Security Fix(es): * plexus-archiver: Arbitrary File Creation in AbstractUnArchiver (CVE-2023-37460) --- This content is derived from https://access.redhat.com/errata/RHSA-2023:6886 -- SL7 srpm plexus-archiver-0:2.4.2-6.el7_9.src noarch plexus-archiver-0:2.4.2-6.el7_9.noarch - Scientific Linux Development Team