edu.stanford.nlp:stanford-corenlp@1.3.5 vulnerabilities
-
latest version
4.5.6
-
latest non vulnerable version
-
first published
13 years ago
-
latest version published
2 months ago
-
licenses detected
- [1.2.0,3.5.0)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the edu.stanford.nlp:stanford-corenlp package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
Affected versions of this package are vulnerable to Improper Access Control via the classifier variable in How to fix Improper Access Control? Upgrade |
[,4.4.0)
|
Affected versions of this package are vulnerable to XML External Entity (XXE) Injection when a malicious schema XML file is passed to How to fix XML External Entity (XXE) Injection? Upgrade |
[,4.4.0)
|
Affected versions of this package are vulnerable to XML External Entity (XXE) Injection. The How to fix XML External Entity (XXE) Injection? Upgrade |
[,4.4.0)
|
Affected versions of this package are vulnerable to XML External Entity (XXE) Injection via the How to fix XML External Entity (XXE) Injection? Upgrade |
[0,4.3.1)
|
Affected versions of this package are vulnerable to XML External Entity (XXE) Injection via the How to fix XML External Entity (XXE) Injection? Upgrade |
[0,4.3.1)
|