Description

All versions of package corenlp-js-interface are vulnerable to Command Injection via the main function.

Remediation

References

https://snyk.io/vuln/SNYK-JS-CORENLPJSINTERFACE-1050435

Related Vulnerabilities

CVE-2017-16016 Vulnerability in npm package sanitize-html

CVE-2021-21428 Vulnerability in maven package org.openapitools:openapi-generator-online

CVE-2020-28501 Vulnerability in npm package es6-crawler-detect

CVE-2019-12406 Vulnerability in maven package org.apache.cxf:cxf-core

CVE-2016-3674 Vulnerability in maven package org.jbehave:jbehave-core

Severity

Critical

Classification

CWE-78

Tags

Third Party Advisory