Maven package
edu.stanford.nlp/stanford-corenlp
pkg:maven/edu.stanford.nlp/stanford-corenlp
Vulnerabilities (5)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-44550 | — | < 4.4.0 | 4.4.0 | Feb 23, 2022 | An Incorrect Access Control vulnerability exists in CoreNLP 4.3.2 via the classifier in NERServlet.java (lines 158 and 159). | ||
| CVE-2022-0239 | Cri | 9.8 | < 4.4.0 | 4.4.0 | Jan 17, 2022 | corenlp is vulnerable to Improper Restriction of XML External Entity Reference | |
| CVE-2022-0198 | — | <= 4.3.2 | — | Jan 13, 2022 | corenlp is vulnerable to Improper Restriction of XML External Entity Reference | ||
| CVE-2021-3869 | — | < 4.3.1 | 4.3.1 | Oct 19, 2021 | corenlp is vulnerable to Improper Restriction of XML External Entity Reference | ||
| CVE-2021-3878 | — | < 4.3.1 | 4.3.1 | Oct 15, 2021 | corenlp is vulnerable to Improper Restriction of XML External Entity Reference |
- CVE-2021-44550Feb 23, 2022affected < 4.4.0fixed 4.4.0
An Incorrect Access Control vulnerability exists in CoreNLP 4.3.2 via the classifier in NERServlet.java (lines 158 and 159).
- affected < 4.4.0fixed 4.4.0
corenlp is vulnerable to Improper Restriction of XML External Entity Reference
- CVE-2022-0198Jan 13, 2022affected <= 4.3.2
corenlp is vulnerable to Improper Restriction of XML External Entity Reference
- CVE-2021-3869Oct 19, 2021affected < 4.3.1fixed 4.3.1
corenlp is vulnerable to Improper Restriction of XML External Entity Reference
- CVE-2021-3878Oct 15, 2021affected < 4.3.1fixed 4.3.1
corenlp is vulnerable to Improper Restriction of XML External Entity Reference