14 matches found
Security Bulletin: Apache uimaj-core.jar security vulnerability CVE-2022-32287 and CVE-2023-39913 in FileNet Content Manager (FNCM) component Content Search Services (CSS) / Enterprise Content Management Text Search (ECMTS)
Summary Apache uimaj-core.jar security vulnerability CVE-2022-32287 and CVE-2023-39913 in FileNet Content Manager FNCM component Content Search Services CSS / Enterprise Content Management Text Search ECMTS Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes...
Security Bulletin: Apache uimaj-core.jar security vulnerability CVE-2017-15691
Summary Apache uimaj-core.jar security vulnerability CVE-2017-15691 in FileNet Content Manager FNCM Content Search Services CSS/Enterprise Content Management Text Search ECMTS. CSS/ECMTS is affected and is potentially vulnerable. Vulnerability Details CVEID:CVE-2017-15691 DESCRIPTION: Apache uima...
Deserialization Of Untrusted Data
uimaj-tools is vulnerable to Deserialization of Untrusted Data. The vulnerability is due to deserializing Java objects without proper data verification when users or developers utilize the CasIOUtils class in their applications and services to parse serialized CAS data. This weakness can...
Path Traversal
uimaj-core is vulnerable to path traversal. The vulnerability is due to FileUtil.java, which allows an attacker to create files outside the designated target directory using carefully crafted zip file names...
ch.epfl.bbp.nlp:bluima_abbreviations (>=1.0.0 <=1.0.1), ch.epfl.bbp.nlp:bluima_corpora (>=1.0.0 <=1.0.1) +949 more potentially affected by CVE-2022-32287 via org.apache.uima:uimaj-core (>=2.10.0 <=3.3.0)
org.apache.uima:uimaj-core MAVEN version =2.10.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.1 - ch.epfl.bbp.nlp:bluimatypesystem =1.0.1 and more Source cves: CVE-2022-32287 Source advisory: OSV:GHSA-XGQR-5WQW-9FPV...
com.github.document-analysis:dap-dkpro_1_8 (=0.1.1), com.github.document-analysis:dap-uimafit (=0.1.1) +49 more potentially affected by CVE-2017-15691 via org.apache.uima:uimaj-core (>=2.10.0 <=2.10.1)
org.apache.uima:uimaj-core MAVEN version =2.10.0, =1.0.0, =1.0.0, =1.0-beta05, =1.0-beta05, =1.0-beta05, =1.0-beta05, =1.4.1.5-jdk1.8, =1.4.1.5-jdk1.8, =2.0.1.0-jdk8, =3.0.1, =1.3.0, =1.0.2, =2.0.1.0-jdk11 and more Source cves: CVE-2017-15691 Source advisory: OSV:GHSA-WP2F-HRG2-3R5M...
Improper Restriction of XML External Entity Reference in Apache uimaj
In Apache uimaj prior to 2.10.2, Apache uimaj 3.0.0-xxx prior to 3.0.0-beta, Apache uima-as prior to 2.10.2, Apache uimaFIT prior to 2.4.0, Apache uimaDUCC prior to 2.2.2, this vulnerability relates to an XML external entity expansion XXE capability of various XML parsers. UIMA as part of its...
CVE-2017-15691
In Apache uimaj prior to 2.10.2, Apache uimaj 3.0.0-xxx prior to 3.0.0-beta, Apache uima-as prior to 2.10.2, Apache uimaFIT prior to 2.4.0, Apache uimaDUCC prior to 2.2.2, this vulnerability relates to an XML external entity expansion XXE capability of various XML parsers. UIMA as part of its...
XML External Entity (XXE)
uimaj is vulnerable to XML External Entity XXE attacks. The library does not disable document type declaration by default, allowing a malicious user to pass an XML file that can lead to arbitrary code execution or information disclosure...
CVE-2017-15691
In Apache uimaj prior to 2.10.2, Apache uimaj 3.0.0-xxx prior to 3.0.0-beta, Apache uima-as prior to 2.10.2, Apache uimaFIT prior to 2.4.0, Apache uimaDUCC prior to 2.2.2, this vulnerability relates to an XML external entity expansion XXE capability of various XML parsers. UIMA as part of its...
Xxe
In Apache uimaj prior to 2.10.2, Apache uimaj 3.0.0-xxx prior to 3.0.0-beta, Apache uima-as prior to 2.10.2, Apache uimaFIT prior to 2.4.0, Apache uimaDUCC prior to 2.2.2, this vulnerability relates to an XML external entity expansion XXE capability of various XML parsers. UIMA as part of its...
CVE-2017-15691
In Apache uimaj prior to 2.10.2, Apache uimaj 3.0.0-xxx prior to 3.0.0-beta, Apache uima-as prior to 2.10.2, Apache uimaFIT prior to 2.4.0, Apache uimaDUCC prior to 2.2.2, this vulnerability relates to an XML external entity expansion XXE capability of various XML parsers. UIMA as part of its...
CVE-2017-15691
In Apache uimaj prior to 2.10.2, Apache uimaj 3.0.0-xxx prior to 3.0.0-beta, Apache uima-as prior to 2.10.2, Apache uimaFIT prior to 2.4.0, Apache uimaDUCC prior to 2.2.2, this vulnerability relates to an XML external entity expansion XXE capability of various XML parsers. UIMA as part of its...
CVE-2017-15691
In Apache uimaj prior to 2.10.2, Apache uimaj 3.0.0-xxx prior to 3.0.0-beta, Apache uima-as prior to 2.10.2, Apache uimaFIT prior to 2.4.0, Apache uimaDUCC prior to 2.2.2, this vulnerability relates to an XML external entity expansion XXE capability of various XML parsers. UIMA as part of its...