Description
corenlp is vulnerable to Improper Restriction of XML External Entity Reference
Remediation
References
https://github.com/stanfordnlp/corenlp/commit/1940ffb938dc4f3f5bc5f2a2fd8b35aabbbae3dd
https://huntr.dev/bounties/a717aec2-5646-4a5f-ade0-dadc25736ae3
Related Vulnerabilities
CVE-2023-25653 Vulnerability in maven package org.webjars.npm:node-jose
CVE-2016-2175 Vulnerability in maven package org.apache.pdfbox:pdfbox
CVE-2021-26073 Vulnerability in npm package atlassian-connect-express
CVE-2022-23541 Vulnerability in npm package jsonwebtoken
CVE-2021-32621 Vulnerability in maven package org.xwiki.platform:xwiki-platform-dashboard-macro