3 matches found
Path Traversal
uimaj-core is vulnerable to path traversal. The vulnerability is due to FileUtil.java, which allows an attacker to create files outside the designated target directory using carefully crafted zip file names...
ch.epfl.bbp.nlp:bluima_abbreviations (>=1.0.0 <=1.0.1), ch.epfl.bbp.nlp:bluima_corpora (>=1.0.0 <=1.0.1) +949 more potentially affected by CVE-2022-32287 via org.apache.uima:uimaj-core (>=2.10.0 <=3.3.0)
org.apache.uima:uimaj-core MAVEN version =2.10.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.1 - ch.epfl.bbp.nlp:bluimatypesystem =1.0.1 and more Source cves: CVE-2022-32287 Source advisory: OSV:GHSA-XGQR-5WQW-9FPV...
com.github.document-analysis:dap-dkpro_1_8 (=0.1.1), com.github.document-analysis:dap-uimafit (=0.1.1) +49 more potentially affected by CVE-2017-15691 via org.apache.uima:uimaj-core (>=2.10.0 <=2.10.1)
org.apache.uima:uimaj-core MAVEN version =2.10.0, =1.0.0, =1.0.0, =1.0-beta05, =1.0-beta05, =1.0-beta05, =1.0-beta05, =1.4.1.5-jdk1.8, =1.4.1.5-jdk1.8, =2.0.1.0-jdk8, =3.0.1, =1.3.0, =1.0.2, =2.0.1.0-jdk11 and more Source cves: CVE-2017-15691 Source advisory: OSV:GHSA-WP2F-HRG2-3R5M...