Dependabot reported a high-severity open alert (GHSA-6fmv-xxpf-w3cw) against org.codehaus.plexus:plexus-utils versions >= 4.0.0, < 4.0.3. The Gradle module cache contained versions 4.0.1 and 4.0.2 (both in the vulnerable range), and an instrumented transform of 4.0.2 was present in Gradle’s 9.4.1 test-infrastructure cache.
plexus-utils is pulled transitively by AGP’s internal Maven Artifact Resolver, which uses it during Android compilation and test instrumentation. It is NOT on the server runtime classpath. Because this dependency flows through internal AGP machinery rather than an explicit project configuration, it does not appear in Gradle’s dependencies task output, but Dependabot’s full-graph scanner sees it and the Gradle module cache confirms the download.
Fix applied:

- Added plexus-utils = "4.0.3" to gradle/libs.versions.toml with a comment explaining the CVE scope and routing.
- Added "org.codehaus.plexus:plexus-utils:4.0.3" to the buildscript { configurations.all { resolutionStrategy.force(...) } } block in build.gradle.kts, following the same pattern as jose4j and jdom2 (both build-classpath-only AGP transitives pinned in earlier CVE fixes).

Takeaways:

- A dependency that does not appear in the dependencies task output can still be flagged by Dependabot. The buildscript { resolutionStrategy.force() } block is the right forcing mechanism for this class of dependency.
- When an alert is build / toolchain only, confirm the classification by searching all project configurations, then pin in buildscript { resolutionStrategy.force() } rather than allprojects { resolutionStrategy.eachDependency {} }.
- This pattern (version in libs.versions.toml + force in buildscript) is the correct template for all future build-classpath-only CVE pins.
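The pin and the classification check described above, written out as an added example in build.gradle.kts (this is illustrative code, not the project's actual build file); the task name auditPlexusUtils is an assumption, and the TOML entry is shown in a comment because the catalog lives in a separate file:

```kotlin
// build.gradle.kts (root project). The version string mirrors gradle/libs.versions.toml:
//   [versions]
//   plexus-utils = "4.0.3"  # GHSA-6fmv-xxpf-w3cw: AGP build-classpath transitive, not runtime

buildscript {
    configurations.all {
        resolutionStrategy {
            // Build-classpath-only pin: plexus-utils reaches the build through AGP's
            // internal Maven resolver, never through a project configuration, so the
            // force belongs here rather than in allprojects { }.
            force("org.codehaus.plexus:plexus-utils:4.0.3")
        }
    }
}

// Classification check (hypothetical task name): prints every resolvable project
// configuration whose resolved graph contains plexus-utils. An empty report confirms
// the module is build/toolchain-only, i.e. the buildscript pin above is the whole fix.
// One-off diagnostic: it resolves configurations at execution time and is not
// configuration-cache friendly.
tasks.register("auditPlexusUtils") {
    description = "Report project configurations that resolve org.codehaus.plexus:plexus-utils"
    doLast {
        rootProject.allprojects.forEach { p ->
            p.configurations
                .filter { it.isCanBeResolved }
                .forEach { cfg ->
                    // Some configurations cannot be resolved in isolation; skip those.
                    val components = runCatching { cfg.incoming.resolutionResult.allComponents }
                        .getOrNull() ?: return@forEach
                    components
                        .mapNotNull { it.moduleVersion }
                        .filter { it.group == "org.codehaus.plexus" && it.name == "plexus-utils" }
                        .forEach { println("${p.path}:${cfg.name} -> plexus-utils:${it.version}") }
                }
        }
    }
}
```

Run ./gradlew auditPlexusUtils to list any project configuration that pulls the module; ./gradlew buildEnvironment shows the buildscript classpath the force applies to.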