Bug 2139926 (CVE-2022-32287)

Summary: CVE-2022-32287 apache uima: path traversal during archive extraction
Product: [Other] Security Response
Component: vulnerability
Status: CLOSED NOTABUG
Severity: high
Priority: high
Version: unspecified
Hardware: All
OS: Linux
Keywords: Security
Fixed In Version: uima 3.3.1
Last Closed: 2022-11-08 21:16:04 UTC
Bug Blocks: 2139929
Reporter: Nick Tait <ntait>
Assignee: Red Hat Product Security <security-response-team>
CC: aileenc, balejosg, bbuckingham, bcourt, btotty, chazlett, ehelms, gmalinko, janstey, jolee, jpavlik, jschatte, jsherril, jstastny, jwon, lzap, mhulan, mmccune, myarboro, nmoumoul, orabin, pantinor, pcreech, pdelbell, peholase, pjindal, rchan

Description Nick Tait 2022-11-03 21:02:31 UTC
A relative path traversal vulnerability in a FileUtil class used by the PEAR management component of Apache UIMA allows an attacker to create files outside the designated target directory using carefully crafted ZIP entry names. This issue affects Apache UIMA version 3.3.0 and prior. Note that PEAR files should never be installed into a UIMA installation from untrusted sources because PEAR archives are executable plugins that will be able to perform any actions with the same privileges as the host Java Virtual Machine.

https://lists.apache.org/thread/57vk0d79j94d0lk0vol8xn935yv1shdd
http://www.openwall.com/lists/oss-security/2022/11/03/4
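The following is an added illustration of the bug class described above (a "zip slip"), not code from Apache UIMA or from the reporter. It builds a constructed in-memory archive containing one normal entry and one entry named "../outside.txt", then extracts it twice: once with the vulnerable pattern (joining the entry name onto the target directory with no check) and once with the usual fix (resolving each entry with realpath and refusing anything that does not stay under the target directory). Function names, the sample entry names and the temporary directory layout are assumptions for the demo; the check itself is the generic one, not a reproduction of the UIMA 3.3.1 patch.

```python
import io
import os
import tempfile
import zipfile


class UnsafeEntryName(ValueError):
    """Raised for an archive entry whose name resolves outside the target directory."""


def build_sample_archive() -> bytes:
    """Constructed sample archive (not a real PEAR): one normal entry, one traversal entry."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("metadata/install.xml", "<pearSpecifier/>")
        # Entry name crafted to climb one level out of the install directory.
        zf.writestr("../outside.txt", "written outside the target directory")
    return buf.getvalue()


def resolve_entry(target_dir: str, entry_name: str) -> str:
    """Resolve entry_name against target_dir; raise UnsafeEntryName if it escapes.

    realpath() collapses '..' and symlinks, and join() discards target_dir when the
    entry name is absolute, so both cases fall out of the single prefix comparison.
    os.sep is appended so a sibling directory sharing the prefix ('/tmp/out2' for
    '/tmp/out') is rejected too.
    """
    base = os.path.realpath(target_dir)
    dest = os.path.realpath(os.path.join(base, entry_name))
    if dest != base and not dest.startswith(base + os.sep):
        raise UnsafeEntryName(entry_name)
    return dest


def is_safe_entry(target_dir: str, entry_name: str) -> bool:
    """Boolean form of resolve_entry for callers that only want accept/reject."""
    try:
        resolve_entry(target_dir, entry_name)
        return True
    except UnsafeEntryName:
        return False


def extract_unchecked(data: bytes, target_dir: str) -> list:
    """The vulnerable pattern: the entry name is trusted and joined onto target_dir."""
    written = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            dest = os.path.join(target_dir, info.filename)  # no validation
            os.makedirs(os.path.dirname(dest), exist_ok=True)
            with open(dest, "wb") as fh:
                fh.write(zf.read(info))
            written.append(os.path.realpath(dest))
    return written


def extract_checked(data: bytes, target_dir: str) -> tuple:
    """The hardened pattern: each entry is resolved and validated before any write."""
    written, rejected = [], []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            try:
                dest = resolve_entry(target_dir, info.filename)
            except UnsafeEntryName:
                rejected.append(info.filename)
                continue
            if info.is_dir():
                os.makedirs(dest, exist_ok=True)
                continue
            os.makedirs(os.path.dirname(dest), exist_ok=True)
            with open(dest, "wb") as fh:
                fh.write(zf.read(info))
            written.append(dest)
    return written, rejected


def escaped(target_dir: str, paths) -> list:
    """Return the subset of resolved paths that lie outside target_dir."""
    base = os.path.realpath(target_dir)
    return [p for p in paths if not p.startswith(base + os.sep)]


def demo() -> dict:
    """Run both extractors inside a throwaway root and report what escaped."""
    data = build_sample_archive()
    with tempfile.TemporaryDirectory() as tmp:
        root = os.path.realpath(tmp)
        unsafe_dir = os.path.join(root, "unsafe", "install")
        safe_dir = os.path.join(root, "safe", "install")
        os.makedirs(unsafe_dir)
        os.makedirs(safe_dir)
        unsafe_written = extract_unchecked(data, unsafe_dir)
        safe_written, rejected = extract_checked(data, safe_dir)
        return {
            "unsafe_escaped": [os.path.relpath(p, root) for p in escaped(unsafe_dir, unsafe_written)],
            "safe_escaped": [os.path.relpath(p, root) for p in escaped(safe_dir, safe_written)],
            "rejected": rejected,
        }


if __name__ == "__main__":
    print(demo())
```

The unchecked extractor lands "outside.txt" in the parent of the install directory, which is the behaviour the advisory describes; the checked extractor rejects that entry and writes nothing outside the target. The hand-written loop is deliberate: `ZipFile.extractall` already strips traversal components, so the vulnerable pattern only reproduces when an extractor composes paths itself, as the affected Java code did. Note also that the check must run before every write, including directory entries, and that it does nothing to make the archive's contents safe to execute, which is why the advisory separately warns against installing PEAR files from untrusted sources.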