← voltar
CVE-2022-0198

Improper Restriction of XML External Entity Reference in stanfordnlp/corenlp

CVSS 6.1 MEDIUMEPSS 0.7%CWE-611
corenlp is vulnerable to Improper Restriction of XML External Entity Reference
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N
Produtos afetados
stanfordnlp · stanfordnlp/corenlp

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://github.com/stanfordnlp/corenlp/commit/1f52136321cfca68b991bd7870563d06cf96624dhttps://huntr.dev/bounties/3d7e70fe-dddd-4b79-af62-8e058c4d5763