PT-2022-23121 · Unknown · Deeplearning4J

Draco1725 · Published 2022-11-10 · Updated 2022-11-15 · CVE-2022-36022

CVSS v3.1: 5.3 Medium

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Name of the Vulnerable Software and Affected Versions

Deeplearning4J versions through 1.0.0-M2.1

Description

The issue affects users of older NLP examples that reference an old S3 bucket. The problem arises from the use of some unclaimed S3 buckets in tests and examples. The estimated number of potentially affected devices is not specified. There is no information about real-world incidents where this issue was exploited.

Recommendations

For versions through 1.0.0-M2.1, upgrade to snapshots, as a fix is planned to be published in a later release. As a temporary workaround, download a word2vec Google News vector from a new source using git lfs.

Weakness Enumeration

Use of Insufficiently Random Values

Related Identifiers

CVE-2022-36022
GHSA-RC39-G977-687W

Affected Products

Deeplearning4J