EUVD-2022-6311

Malicious code in bioql PyPI...

Security Bulletin: IBM Storage Protect server is vulnerable to a file system access attack due to AWS SDK for Java (CVE-2022-31159)

Summary The AWS SDK for Java is used by IBM Storage Protect server as part of its AWS cloud support. Vulnerability Details CVEID:CVE-2022-31159 DESCRIPTION: AWS SDK for Java could allow a remote authenticated attacker to traverse directories on the system, caused by a flaw in the downloadDirector...

Security Bulletin: IBM Sterling B2B Integrator vulnerable to directory traversal due to AWS SDK for Java (CVE-2022-31159)

Summary IBM Sterling B2B Integrator has addressed the security vulnerability in AWS SDK for Java shipped with the product. Vulnerability Details CVEID:CVE-2022-31159 DESCRIPTION: AWS SDK for Java could allow a remote authenticated attacker to traverse directories on the system, caused by a flaw i...

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in AWS SDK for Java

Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of AWS SDK for Java. Vulnerability Details CVEID:CVE-2022-31159 DESCRIPTION: AWS SDK for Java could allow a remote authenticated attacker to traverse directories on the system, caused by a flaw in the...

CVE-2022-31159 Partial Path Traversal in com.amazonaws:aws-java-sdk-s3

The AWS SDK for Java enables Java developers to work with Amazon Web Services. A partial-path traversal issue exists within the downloadDirectory method in the AWS S3 TransferManager component of the AWS SDK for Java v1 prior to version 1.12.261. Applications using the SDK control the...