pkg:maven/edu.stanford.nlp/stanford-corenlp

Type maven

Namespace edu.stanford.nlp

Name stanford-corenlp

Known advisories, vulnerabilities and fixes for edu.stanford.nlp/stanford-corenlp package.

Repository: https://mvnrepository.com/artifact/edu.stanford.nlp/stanford-corenlp

Critical 3

High 1

Moderate 1

Type	Version	Distribution	# CVEs	# Advisory ID	Title	Severity	Published
Affected	<= 4.3.0		CVE-2021-3878	MAVEN:GHSA-5H9G-8XCV-QJQ9	Improper Restriction of XML External Entity Reference in Stanford CoreNLP	critical	2022-05-24T19:17:42 (2 years ago)
Fixed	= 4.3.1		CVE-2021-3878	MAVEN:GHSA-5H9G-8XCV-QJQ9	Improper Restriction of XML External Entity Reference in Stanford CoreNLP	critical	2022-05-24T19:17:42 (2 years ago)
Affected	<= 4.3.2		CVE-2022-0239	MAVEN:GHSA-75VW-3M5V-FPRH	corenlp is vulnerable to Improper Restriction of XML External Entity Reference	critical	2022-01-21T23:43:11 (2 years ago)
Affected	<= 4.3.0		CVE-2021-3869	MAVEN:GHSA-8GF7-W3CP-GFH3	Improper Restriction of XML External Entity Reference in Stanford CoreNLP	high	2022-05-24T19:18:01 (2 years ago)
Fixed	= 4.3.1		CVE-2021-3869	MAVEN:GHSA-8GF7-W3CP-GFH3	Improper Restriction of XML External Entity Reference in Stanford CoreNLP	high	2022-05-24T19:18:01 (2 years ago)
Affected	<= 4.3.2		CVE-2022-0198	MAVEN:GHSA-MH83-JCW5-RJH8	XML External Entity Reference in edu.stanford.nlp:stanford-corenlp	moderate	2022-01-14T21:07:23 (2 years ago)
Affected	<= 4.3.2		CVE-2021-44550	MAVEN:GHSA-X2P8-RGFM-QW3V	Access Control vulnerability within CoreNLP	critical	2022-02-25T00:01:07 (2 years ago)
Fixed	= 4.4.0		CVE-2021-44550	MAVEN:GHSA-X2P8-RGFM-QW3V	Access Control vulnerability within CoreNLP	critical	2022-02-25T00:01:07 (2 years ago)