Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2022-32287
HistoryNov 03, 2022 - 12:15 p.m.

CVE-2022-32287

2022-11-0312:15:09
CWE-22
[email protected]
web.nvd.nist.gov
5
cve-2022
path traversal
apache uima

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

EPSS

0.001

Percentile

46.3%

JSON

A relative path traversal vulnerability in a FileUtil class used by the PEAR management component of Apache UIMA allows an attacker to create files outside the designated target directory using carefully crafted ZIP entry names. This issue affects Apache UIMA Apache UIMA version 3.3.0 and prior versions. Note that PEAR files should never be installed into an UIMA installation from untrusted sources because PEAR archives are executable plugins that will be able to perform any actions with the same privileges as the host Java Virtual Machine.

Affected configurations

Nvd
Node
apacheuimajRange3.3.0
VendorProductVersionCPE
apacheuimaj*cpe:2.3:a:apache:uimaj:*:*:*:*:*:*:*:*

Related

cvelist 1
ibm 5
osv 2
cnvd 1
redhatcve 1
github 1
cve 1
ubuntucve 1
veracode 1
prion 1
cvelist
cvelist
CVE-2022-32287 Apache UIMA prior to 3.3.1 has a path traversal vulnerability when extracting (PEAR) archives
2022-11-03 00:00:00
ibm
ibm
Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to Apache UIMA directory transversal vulnerability( CVE-2022-32287)
2023-07-06 17:52:21
Security Bulletin: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in Apache UIMA
2024-01-31 23:14:09
Security Bulletin: IBM Watson Explorer is affected by a vulnerability in Apache UIMA
2023-04-06 14:11:09
osv
osv
Apache UIMA Path Traversal vulnerability
2022-11-03 19:00:26
CVE-2022-32287
2022-11-03 12:15:09
cnvd
cnvd
Apache UIMA path traversal vulnerability
2022-11-05 00:00:00
redhatcve
redhatcve
CVE-2022-32287
2022-11-03 21:27:09
github
github
Apache UIMA Path Traversal vulnerability
2022-11-03 19:00:26
cve
cve
CVE-2022-32287
2022-11-03 12:15:09
ubuntucve
ubuntucve
CVE-2022-32287
2022-11-03 00:00:00
veracode
veracode
Path Traversal
2022-11-04 06:26:21
prion
prion
Path traversal
2022-11-03 12:15:00

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

EPSS

0.001

Percentile

46.3%

JSON
Related for NVD:CVE-2022-32287
cvelist1ibm5osv2cnvd1redhatcve1github1cve1ubuntucve1veracode1prion1