8 matches found
Security Bulletin: Vulnerability in Apache UIMA ( CVE-2022-32287) may affect IBM watsonx Assistant for IBM Cloud Pak for Data
Summary A potential vulnerability CVE-2022-32287 has been identified related to Apache UIMA that may affect IBM watsonx Assistant for IBM Cloud Pak for Data. vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2022-32287 DESCRIPTION:...
Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to Apache UIMA directory transversal vulnerability( CVE-2022-32287)
Summary Potential Apache UIMA directory transversal vulnerability CVE-2022-32287 has been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. Refer to details for additional information. Vulnerability Details CVEID:CVE-2022-32287 DESCRIPTION: Apache UIMA could allow a remo...
Security Bulletin: IBM Watson Explorer is affected by a vulnerability in Apache UIMA
Summary IBM Watson Explorer OneWEX and Foundational Components contains a vulnerable version of Apache UIMA. Vulnerability Details CVEID:CVE-2022-32287 DESCRIPTION: Apache UIMA could allow a remote attacker to traverse directories on the system, caused by improper validation of user supplied inpu...
Security Bulletin: Multiple Security Vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak.
Summary Multiple Security Vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak. Angular is part of the .NET RHEL infrastructure CVE-2021-4231. Apache UIMA is used by IBM Robotic Process Automation as part of Watson NLP CVE-2022-32287. SnakeYaml is used by IBM Robotic Process...
CVE-2022-32287
CVE-2022-32287 : A relative path traversal in the FileUtil class used by the PEAR management component of Apache UIMA can let an attacker craft ZIP entry names to create files outside the designated target directory. Affected product: Apache UIMA up to version 3.3.0 (and earlier). The issue arise...
CVE-2022-32287
A relative path traversal vulnerability in a FileUtil class used by the PEAR management component of Apache UIMA allows an attacker to create files outside the designated target directory using carefully crafted ZIP entry names. This issue affects Apache UIMA Apache UIMA version 3.3.0 and prior...
CVE-2022-32287 Apache UIMA prior to 3.3.1 has a path traversal vulnerability when extracting (PEAR) archives
A relative path traversal vulnerability in a FileUtil class used by the PEAR management component of Apache UIMA allows an attacker to create files outside the designated target directory using carefully crafted ZIP entry names. This issue affects Apache UIMA Apache UIMA version 3.3.0 and prior...
CVE-2022-32287 Apache UIMA prior to 3.3.1 has a path traversal vulnerability when extracting (PEAR) archives
A relative path traversal vulnerability in a FileUtil class used by the PEAR management component of Apache UIMA allows an attacker to create files outside the designated target directory using carefully crafted ZIP entry names. This issue affects Apache UIMA Apache UIMA version 3.3.0 and prior...