Apache Unstructured Information Management Architecture
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Apache Unstructured Information Management Architecture.
By the Year
In 2026 there have been 0 vulnerabilities in Apache Unstructured Information Management Architecture. Unstructured Information Management Architecture did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 0 | 0.00 |
| 2023 | 1 | 8.80 |
| 2022 | 1 | 7.50 |
It may take a day or so for new Unstructured Information Management Architecture vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Apache Unstructured Information Management Architecture Security Vulnerabilities
Apache UIMA DUCC: Command Injection via Improper Input Neutralization
CVE-2023-28935
8.8 - High
- March 30, 2023
** UNSUPPORTED WHEN ASSIGNED ** Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Apache Software Foundation Apache UIMA DUCC. When using the "Distributed UIMA Cluster Computing" (DUCC) module of Apache UIMA, an authenticated user that has the permissions to modify core entities can cause command execution as the system user that runs the web process. As the "Distributed UIMA Cluster Computing" module for UIMA is retired, we do not plan to release a fix for this issue. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
Command Injection
FileUtil Path Traversal in Apache UIMA PEAR (before 3.3.0)
CVE-2022-32287
7.5 - High
- November 03, 2022
A relative path traversal vulnerability in a FileUtil class used by the PEAR management component of Apache UIMA allows an attacker to create files outside the designated target directory using carefully crafted ZIP entry names. This issue affects Apache UIMA Apache UIMA version 3.3.0 and prior versions. Note that PEAR files should never be installed into an UIMA installation from untrusted sources because PEAR archives are executable plugins that will be able to perform any actions with the same privileges as the host Java Virtual Machine.
Directory traversal
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Apache Unstructured Information Management Architecture or by Apache? Click the Watch button to subscribe.
