Description
corenlp is vulnerable to Improper Restriction of XML External Entity Reference
Remediation
References
https://github.com/stanfordnlp/corenlp/commit/1940ffb938dc4f3f5bc5f2a2fd8b35aabbbae3dd
https://huntr.dev/bounties/a717aec2-5646-4a5f-ade0-dadc25736ae3
Related Vulnerabilities
CVE-2022-36916 Vulnerability in maven package org.jenkins-ci.plugins:google-cloud-backup
CVE-2023-25570 Vulnerability in maven package com.ctrip.framework.apollo:apollo
CVE-2020-7760 Vulnerability in maven package org.webjars.npm:codemirror
CVE-2018-14042 Vulnerability in npm package bootstrap-sass
CVE-2021-38153 Vulnerability in maven package org.apache.kafka:kafka-clients