ae.teletronics.nlp:entityextraction (>=1.3 <=1.4), ai.tock:tock-nlp-model-stanford (>=19.9.0 <=22.3.2) +202 more potentially affected by CVE-2021-3869 via edu.stanford.nlp:stanford-corenlp (>=1.2.0 <=4.2.2)

edu.stanford.nlp:stanford-corenlp MAVEN version =1.2.0, =1.3, =19.9.0, =2.09, =2.7.3, =2.7.3, =2.7.3, =2.0.0, =2.0.1, =2.5, =3.0.1 - com.github.hungntbka:htime =1.0 - com.github.jenshaase.uimascala:arktweetpostagger2.11 =0.6.1 - com.github.jenshaase.uimascala:arktweettokenizer2.11 =0.6.1 -...

CVE-2021-3869

creationtimestamp| type| source ---|---|--- 2021-10-19 16:33:15+00:00| seen| https://t.me/cibsecurity/30754...

CVE-2021-3869

corenlp is vulnerable to Improper Restriction of XML External Entity Reference...

CVE-2021-3869

The CVE-2021-3869 entry concerns Stanford CoreNLP (corenlp) and is caused by improper restriction of XML External Entity (XXE) references. Public sources in the connected documents confirm this XXE vulnerability affecting CoreNLP, with references indicating potential exposure/read access issues v...