3 matches found
CVE-2026-42440 vulnerabilities
Vulnerabilities for packages: thingsboard...
org.apache.opennlp:opennlp-distr (>=3.0.0-M1 <=3.0.0-M2) potentially affected by CVE-2026-42440 via org.apache.opennlp:opennlp-tools (>=3.0.0-M1 <=3.0.0-M2)
org.apache.opennlp:opennlp-tools MAVEN version =3.0.0-M1, =3.0.0-M1, =3.0.0-M2 Source cves: CVE-2026-42440 Source advisory: SNYK:JAVA-ORGAPACHEOPENNLP-16535521...
CVE-2026-42440
OOM Denial of Service via Unbounded Array Allocation in Apache OpenNLP AbstractModelReader Versions Affected: before 1.9.5 before 2.5.9 before 3.0.0-M3 Description: The AbstractModelReader methods getOutcomes, getOutcomePatterns, and getPredicates each read a 32-bit signed integer count field...