CVE-2021-44550
https://notcve.org/view.php?id=CVE-2021-44550
An Incorrect Access Control vulnerability exists in CoreNLP 4.3.2 via the classifier in NERServlet.java (lines 158 and 159). Se presenta una vulnerabilidad de Control de Acceso Incorrecto en CoreNLP versión 4.3.2, por medio del clasificador en NERServlet.java (líneas 158 y 159) • https://github.com/stanfordnlp/CoreNLP/issues/1222 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVE-2022-0239 – Improper Restriction of XML External Entity Reference in stanfordnlp/corenlp
https://notcve.org/view.php?id=CVE-2022-0239
corenlp is vulnerable to Improper Restriction of XML External Entity Reference corenlp es vulnerable a una Restricción Inapropiada de una Referencia a Entidades Externas XML • https://github.com/stanfordnlp/corenlp/commit/1940ffb938dc4f3f5bc5f2a2fd8b35aabbbae3dd https://huntr.dev/bounties/a717aec2-5646-4a5f-ade0-dadc25736ae3 • CWE-611: Improper Restriction of XML External Entity Reference •
CVE-2022-0198 – Improper Restriction of XML External Entity Reference in stanfordnlp/corenlp
https://notcve.org/view.php?id=CVE-2022-0198
corenlp is vulnerable to Improper Restriction of XML External Entity Reference corenlp es vulnerable a una Restricción Inapropiada de la Referencia a Entidades Externas XML • https://github.com/stanfordnlp/corenlp/commit/1f52136321cfca68b991bd7870563d06cf96624d https://huntr.dev/bounties/3d7e70fe-dddd-4b79-af62-8e058c4d5763 • CWE-611: Improper Restriction of XML External Entity Reference •