Vulnerable Library - checkstyle-11.0.1.jar
Path to dependency file: /artemis-java-template/build.gradle
Path to vulnerable library: /tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.codehaus.plexus/plexus-utils/3.3.0/cf43b5391de623b36fe066a21127baef82c64022/plexus-utils-3.3.0.jar
Vulnerabilities
| Vulnerability |
Severity |
 CVSS |
Dependency |
Type |
Fixed in (checkstyle version) |
Remediation Possible** |
| CVE-2025-67030 |
 Critical |
9.8 |
plexus-utils-3.3.0.jar |
Transitive |
N/A* |
❌ |
| CVE-2025-46295 |
Critical |
9.8 |
commons-text-1.3.jar |
Transitive |
N/A* |
❌ |
*For some transitive vulnerabilities, there is no version of direct dependency with a fix. Check the "Details" section below to see if there is a version of transitive dependency where vulnerability is fixed.
**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation
Details
CVE-2025-67030
Vulnerable Library - plexus-utils-3.3.0.jar
A collection of various utility classes to ease working with strings, files, command lines, XML and
more.
Library home page: http://codehaus-plexus.github.io/
Path to dependency file: /artemis-java-template/build.gradle
Path to vulnerable library: /tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.codehaus.plexus/plexus-utils/3.3.0/cf43b5391de623b36fe066a21127baef82c64022/plexus-utils-3.3.0.jar
Dependency Hierarchy:
- checkstyle-11.0.1.jar (Root Library)
- doxia-module-xdoc-1.12.0.jar
- ❌ plexus-utils-3.3.0.jar (Vulnerable Library)
Found in base branch: main
Vulnerability Details
Directory Traversal vulnerability in the extractFile method of org.codehaus.plexus.util.Expand in plexus-utils before 6d780b3378829318ba5c2d29547e0012d5b29642. This allows an attacker to execute arbitrary code
Publish Date: 2026-03-25
URL: CVE-2025-67030
CVSS 3 Score Details (9.8)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: High
- Integrity Impact: High
- Availability Impact: High
For more information on CVSS3 Scores, click here.
Suggested Fix
Type: Upgrade version
Origin: GHSA-6fmv-xxpf-w3cw
Release Date: 2026-03-25
Fix Resolution: org.codehaus.plexus:plexus-utils:4.0.3
Step up your Open Source Security Game with Mend here
CVE-2025-46295
Vulnerable Library - commons-text-1.3.jar
Apache Commons Text is a library focused on algorithms working on strings.
Library home page: https://www.apache.org/
Path to dependency file: /artemis-java-template/build.gradle
Path to vulnerable library: /tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.commons/commons-text/1.3/9abf61708a66ab5e55f6169a200dbfc584b546d9/commons-text-1.3.jar
Dependency Hierarchy:
- checkstyle-11.0.1.jar (Root Library)
- doxia-core-1.12.0.jar
- ❌ commons-text-1.3.jar (Vulnerable Library)
Found in base branch: main
Vulnerability Details
Apache Commons Text versions prior to 1.10.0 included interpolation features that could be abused when applications passed untrusted input into the text-substitution API. Because some interpolators could trigger actions like executing commands or accessing external resources, an attacker could potentially achieve remote code execution. This vulnerability has been fully addressed in FileMaker Server 22.0.4.
Publish Date: 2025-12-16
URL: CVE-2025-46295
CVSS 3 Score Details (9.8)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: High
- Integrity Impact: High
- Availability Impact: High
For more information on CVSS3 Scores, click here.
Suggested Fix
Type: Upgrade version
Origin: https://support.claris.com/s/answerview?anum=000049059&language=en_US
Release Date: 2025-12-16
Fix Resolution: org.apache.commons:commons-text:1.10.0
Step up your Open Source Security Game with Mend here
Path to dependency file: /artemis-java-template/build.gradle
Path to vulnerable library: /tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.codehaus.plexus/plexus-utils/3.3.0/cf43b5391de623b36fe066a21127baef82c64022/plexus-utils-3.3.0.jar
Vulnerabilities
*For some transitive vulnerabilities, there is no version of direct dependency with a fix. Check the "Details" section below to see if there is a version of transitive dependency where vulnerability is fixed.
**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation
Details
Vulnerable Library - plexus-utils-3.3.0.jar
A collection of various utility classes to ease working with strings, files, command lines, XML and more.
Library home page: http://codehaus-plexus.github.io/
Path to dependency file: /artemis-java-template/build.gradle
Path to vulnerable library: /tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.codehaus.plexus/plexus-utils/3.3.0/cf43b5391de623b36fe066a21127baef82c64022/plexus-utils-3.3.0.jar
Dependency Hierarchy:
Found in base branch: main
Vulnerability Details
Directory Traversal vulnerability in the extractFile method of org.codehaus.plexus.util.Expand in plexus-utils before 6d780b3378829318ba5c2d29547e0012d5b29642. This allows an attacker to execute arbitrary code
Publish Date: 2026-03-25
URL: CVE-2025-67030
CVSS 3 Score Details (9.8)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: High
- Integrity Impact: High
- Availability Impact: High
For more information on CVSS3 Scores, click here.Suggested Fix
Type: Upgrade version
Origin: GHSA-6fmv-xxpf-w3cw
Release Date: 2026-03-25
Fix Resolution: org.codehaus.plexus:plexus-utils:4.0.3
Step up your Open Source Security Game with Mend here
Vulnerable Library - commons-text-1.3.jar
Apache Commons Text is a library focused on algorithms working on strings.
Library home page: https://www.apache.org/
Path to dependency file: /artemis-java-template/build.gradle
Path to vulnerable library: /tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.commons/commons-text/1.3/9abf61708a66ab5e55f6169a200dbfc584b546d9/commons-text-1.3.jar
Dependency Hierarchy:
Found in base branch: main
Vulnerability Details
Apache Commons Text versions prior to 1.10.0 included interpolation features that could be abused when applications passed untrusted input into the text-substitution API. Because some interpolators could trigger actions like executing commands or accessing external resources, an attacker could potentially achieve remote code execution. This vulnerability has been fully addressed in FileMaker Server 22.0.4.
Publish Date: 2025-12-16
URL: CVE-2025-46295
CVSS 3 Score Details (9.8)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: High
- Integrity Impact: High
- Availability Impact: High
For more information on CVSS3 Scores, click here.Suggested Fix
Type: Upgrade version
Origin: https://support.claris.com/s/answerview?anum=000049059&language=en_US
Release Date: 2025-12-16
Fix Resolution: org.apache.commons:commons-text:1.10.0
Step up your Open Source Security Game with Mend here