Description

All versions of package corenlp-js-interface are vulnerable to Command Injection via the main function.

Remediation

References

https://snyk.io/vuln/SNYK-JS-CORENLPJSINTERFACE-1050435

Related Vulnerabilities

CVE-2014-7808 Vulnerability in maven package org.apache.wicket:wicket-util

CVE-2016-10735 Vulnerability in maven package org.webjars.bower:bootstrap-sass

CVE-2021-23443 Vulnerability in npm package edge.js

CVE-2016-10654 Vulnerability in npm package sfml

CVE-2022-0841 Vulnerability in npm package npm-lockfile

Severity

Critical

Classification

CWE-78

Tags

Third Party Advisory