Medium Severity

Security Bulletin: Multiple Vulnerabilities found in Apache Tika used by Content Collector for Email, Content Collector for File Systems, Content Collector for Microsoft SharePoint and Content Collector for IBM Connections

Share this post:

Multiple Vulnerabilities found in Apache Tika used by Content Collector for Email, Content Collector for File Systems, Content Collector for Microsoft SharePoint and Content Collector for IBM Connections

CVE(s): CVE-2022-30126, CVE-2022-25169

Affected product(s) and affected version(s):

Affected Product(s) Version(s)
Content Collector for IBM Connections 4.0.1
Content Collector for File Systems 4.0.1
Content Collector for Email 4.0.1
Content Collector for Microsoft SharePoint 4.0.1

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/6598383
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/226628
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/226627

More stories

Security Bulletin: A Unspecified Java Vulnerability is affecting Watson Knowledge Catalog for IBM Cloud Pak for Data (CVE-2021-35550)

August 12, 2022 | Medium Severity

An unspecified vulnerability in Java is affecting Watson Knowledge Catalog for IBM Cloud Pak for Data. This vulnerability have been addressed. ...read more


Security Bulletin: CP4D Match 360 is affected by Identity Spoofing vulnerability in IBM WebSphere Application Server Liberty

August 12, 2022 | Medium Severity

IBM WebSphere Application Server Liberty is vulnerable to identity spoofing with the appSecurity-1.0, appSecurity-2.0, appSecurity-3.0 or appSecurity-4.0 feature enabled. This has been addressed. IBM Match 360 v4.5.0 and prior, is also vulnerable given that it uses WebSphere Application Server Liberty. ...read more


Security Bulletin: Watson Knowledge Catalog InstaScan is vulnerable to an XML External Entity (XXE) Injection vulnerability due to IBM WebSphere Application Server Liberty ( CVE-2021-20492 )

August 12, 2022 | Medium Severity

WebSphere Application Server Java Batch, that was included in Watson Knowledge Catalog InstaScan, is vulnerable to an XML External Entity Injection (XXE) vulnerability. This has been addressed. ...read more