It was discovered that Plexus Archiver incorrectly handled directory traversal during extraction. An attacker could possibly use this for a Zip-Slip attack.
{ "binaries": [ { "binary_version": "3.5-2ubuntu0.1~esm1", "binary_name": "libplexus-archiver-java" } ], "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro" }