edu.stanford.nlp:stanford-corenlp@4.2.2 vulnerabilities
-
latest version
4.5.6
-
latest non vulnerable version
-
first published
13 years ago
-
latest version published
3 months ago
-
licenses detected
- [3.5.0,)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the edu.stanford.nlp:stanford-corenlp package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
Affected versions of this package are vulnerable to Improper Access Control via the classifier variable in How to fix Improper Access Control? Upgrade |
[,4.4.0)
|
Affected versions of this package are vulnerable to XML External Entity (XXE) Injection when a malicious schema XML file is passed to How to fix XML External Entity (XXE) Injection? Upgrade |
[,4.4.0)
|
Affected versions of this package are vulnerable to XML External Entity (XXE) Injection. The How to fix XML External Entity (XXE) Injection? Upgrade |
[,4.4.0)
|
Affected versions of this package are vulnerable to XML External Entity (XXE) Injection via the How to fix XML External Entity (XXE) Injection? Upgrade |
[0,4.3.1)
|
Affected versions of this package are vulnerable to XML External Entity (XXE) Injection via the How to fix XML External Entity (XXE) Injection? Upgrade |
[0,4.3.1)
|