EUVD-2023-1933

Malicious code in bioql PyPI...

CVE-2023-39020

stanford-parser v3.9.2 and below was discovered to contain a code injection vulnerability in the component edu.stanford.nlp.io.getBZip2PipedInputStream. This vulnerability is exploited via passing an unchecked argument...

GHSA-353M-JH2M-72V4 Code injection in stanford-parser

stanford-parser v3.9.2 and below was discovered to contain a code injection vulnerability in the component edu.stanford.nlp.io.getBZip2PipedInputStream. This vulnerability is exploited via passing an unchecked argument...

com.github.fracpete:nlp-weka-package (>=2015.3.25 <=2019.3.29), com.github.paramitamirza:CATENA (>=1.0.1 <=1.0.2) +8 more potentially affected by CVE-2023-39020 via edu.stanford.nlp:stanford-parser (>=3.2.0 <=3.9.2)

edu.stanford.nlp:stanford-parser MAVEN version =3.2.0, =2015.3.25, =1.0.1, =1.3.0, =1.1, =7.20.4, =8.0.1 - org.zalando.research:zap =1.0 Source cves: CVE-2023-39020 Source advisory: OSV:GHSA-353M-JH2M-72V4...

CVE-2023-39020

stanford-parser v3.9.2 and below was discovered to contain a code injection vulnerability in the component edu.stanford.nlp.io.getBZip2PipedInputStream. This vulnerability is exploited via passing an unchecked argument...

CVE-2023-39020

stanford-parser v3.9.2 and below was discovered to contain a code injection vulnerability in the component edu.stanford.nlp.io.getBZip2PipedInputStream. This vulnerability is exploited via passing an unchecked argument...

CVE-2023-39020

stanford-parser v3.9.2 and below was discovered to contain a code injection vulnerability in the component edu.stanford.nlp.io.getBZip2PipedInputStream. This vulnerability is exploited via passing an unchecked argument...

Code injection

stanford-parser v3.9.2 and below was discovered to contain a code injection vulnerability in the component edu.stanford.nlp.io.getBZip2PipedInputStream. This vulnerability is exploited via passing an unchecked argument...

CVE-2023-39020

stanford-parser v3.9.2 and below was discovered to contain a code injection vulnerability in the component edu.stanford.nlp.io.getBZip2PipedInputStream. This vulnerability is exploited via passing an unchecked argument...

CVE-2023-39020

stanford-parser v3.9.2 and below was discovered to contain a code injection vulnerability in the component edu.stanford.nlp.io.getBZip2PipedInputStream. This vulnerability is exploited via passing an unchecked argument...

PT-2023-26741 · Unknown · Stanford-Parser

Name of the Vulnerable Software and Affected Versions: stanford-parser versions 3.9.2 and below Description: The issue is related to a code injection vulnerability in the component edu.stanford.nlp.io.getBZip2PipedInputStream. This vulnerability is exploited via passing an unchecked argument to t...

CVE-2023-39020

Summary: CVE-2023-39020 affects stanford-parser v3.9.2 and earlier. The issue is a code injection vulnerability in the function edu.stanford.nlp.io.getBZip2PipedInputStream, exploitable by passing an unchecked argument. Reported products/refs consistently tie the weakness to Stanford CoreNLP’s st...