Lucene search
K

65 matches found

Veracode
Veracode
added 2017/10/03 7:44 a.m.14 views

XML External Entity Processing (XXE)

Apache OpenNLP is vulnerable to XML external entity processing XXE attacks. The attacks can be launched because it does not sanitize the XML in the input, allowing the attackers to parse models or dictionaries with malicious XML...

9.8CVSS9.1AI score0.03016EPSS
Exploits5References2Affected Software2
OSV
OSV
added 2017/10/03 1:29 a.m.1 views

CVE-2017-12620

When loading models or dictionaries that contain XML it is possible to perform an XXE attack, since Apache OpenNLP is a library, this only affects applications that load models or dictionaries from untrusted sources. The versions 1.5.0 to 1.5.3, 1.6.0, 1.7.0 to 1.7.2, 1.8.0 to 1.8.1 of Apache...

9.8CVSS7.3AI score0.03016EPSS
Exploits5References1
Prion
Prion
added 2017/10/03 1:29 a.m.11 views

Design/Logic Flaw

When loading models or dictionaries that contain XML it is possible to perform an XXE attack, since Apache OpenNLP is a library, this only affects applications that load models or dictionaries from untrusted sources. The versions 1.5.0 to 1.5.3, 1.6.0, 1.7.0 to 1.7.2, 1.8.0 to 1.8.1 of Apache...

7.5CVSS9.3AI score0.03016EPSS
Exploits5References1Affected Software1
CVE
CVE
added 2017/10/02 2:0 p.m.85 views

CVE-2017-12620

CVE-2017-12620 describes an XML External Entity (XXE) vulnerability in Apache OpenNLP when loading models or dictionaries that contain XML from untrusted sources. The connected documents identify the affected OpenNLP versions: 1.5.0–1.5.3, 1.6.0, and 1.7.0–1.7.2, 1.8.0–1.8.1. The XXE issue is the...

9.8CVSS9.3AI score0.03016EPSS
Exploits5References1Affected Software1
Cvelist
Cvelist
added 2017/10/02 2:0 p.m.17 views

CVE-2017-12620

When loading models or dictionaries that contain XML it is possible to perform an XXE attack, since Apache OpenNLP is a library, this only affects applications that load models or dictionaries from untrusted sources. The versions 1.5.0 to 1.5.3, 1.6.0, 1.7.0 to 1.7.2, 1.8.0 to 1.8.1 of Apache...

9.5AI score0.03016EPSS
Exploits5References1
Rows per page
Query Builder