3 matches found
CVE-2017-15691
CVE-2017-15691 is an XML External Entity (XXE) vulnerability affecting Apache UIMA families (uimaj, uimaj-core, uima-as, uimaFIT, uimaj DUCC) where XXE capability in various XML parsers may lead to disclosure of local/internal files. Affected versions include Apache uimaj prior to 2.10.2, Apache u...
CVE-2022-32287
CVE-2022-32287: A relative path traversal in the FileUtil class used by the PEAR management component of Apache UIMA can let an attacker craft ZIP entry names to create files outside the designated target directory. Affected product: Apache UIMA up to version 3.3.0 (and earlier). The issue arise...
CVE-2023-39913
CVE-2023-39913 affects Apache UIMA Java SDK prior to 3.5.0. Root cause: unsafe deserialization of Java objects (CasIOUtils CAS, binary CAS formats, Vinci ECS, CasAnnotationViewerApplet/CasTreeViewerApplet, CPE checkpointing) without verifying data, enabling potential remote arbitrary code executi...