2 matches found
CVE-2017-15691
CVE-2017-15691 is a XML External Entity (XXE) vulnerability affecting Apache UIMA families (uimaj, uimaj-core, uima-as, uimaFIT, uimaj DUCC) where XXE capability in various XML parsers may lead to disclosure of local/internal files. Affected versions include Apache uimaj prior to 2.10.2, Apache u...
CVE-2023-39913
CVE-2023-39913 affects Apache UIMA Java SDK prior to 3.5.0. Root cause: unsafe deserialization of Java objects (CasIOUtils CAS, binary CAS formats, Vinci ECS, CasAnnotationViewerApplet/CasTreeViewerApplet, CPE checkpointing) without verifying data, enabling potential remote arbitrary code executi...