Lucene search
K

7 matches found

Github Security Blog
Github Security Blog
added 2026/05/04 6:30 p.m.17 views

Apache OpenNLP AbstractModelReader has an OOM Denial of Service via Unbounded Array Allocation

OOM Denial of Service via Unbounded Array Allocation in Apache OpenNLP AbstractModelReader Versions Affected: Before 2.5.9 Before 3.0.0-M3 Description: The AbstractModelReader methods getOutcomes, getOutcomePatterns, and getPredicates each read a 32-bit signed integer count field from a binary...

7.5CVSS5.9AI score0.00627EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/05/04 6:30 p.m.5 views

GHSA-659W-93R5-9J6M Apache OpenNLP AbstractModelReader has an OOM Denial of Service via Unbounded Array Allocation

OOM Denial of Service via Unbounded Array Allocation in Apache OpenNLP AbstractModelReader Versions Affected: Before 2.5.9 Before 3.0.0-M3 Description: The AbstractModelReader methods getOutcomes, getOutcomePatterns, and getPredicates each read a 32-bit signed integer count field from a binary...

7.5CVSS5.9AI score0.00627EPSS
Exploits0References4
NVD
NVD
added 2026/05/04 5:16 p.m.13 views

CVE-2026-42440

OOM Denial of Service via Unbounded Array Allocation in Apache OpenNLP AbstractModelReader Versions Affected: before 1.9.5 before 2.5.9 before 3.0.0-M3 Description: The AbstractModelReader methods getOutcomes, getOutcomePatterns, and getPredicates each read a 32-bit signed integer count field...

7.5CVSS0.00627EPSS
Exploits0References5
OSV
OSV
added 2026/05/04 5:16 p.m.5 views

DEBIAN-CVE-2026-42440

OOM Denial of Service via Unbounded Array Allocation in Apache OpenNLP AbstractModelReader Versions Affected: before 1.9.5 before 2.5.9 before 3.0.0-M3 Description: The AbstractModelReader methods getOutcomes, getOutcomePatterns, and getPredicates each read a 32-bit signed integer count field...

7.5CVSS5.9AI score0.00627EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/02 12:0 a.m.12 views

PT-2026-36637

Name of the Vulnerable Software and Affected Versions Apache OpenNLP versions prior to 2.5.9 Apache OpenNLP versions prior to 3.0.0-M3 Description An OutOfMemory OOM Denial of Service exists in the AbstractModelReader class. The methods getOutcomes, getOutcomePatterns, and getPredicates read a...

7.5CVSS5.8AI score0.00627EPSS
Exploits0References23
Positive Technologies
Positive Technologies
added 2026/05/02 12:0 a.m.45 views

PT-2026-36635

Name of the Vulnerable Software and Affected Versions Apache OpenNLP versions prior to 2.5.9 Apache OpenNLP versions prior to 3.0.0-M3 Description The DictionaryEntryPersistor class initializes a static SAXParserFactory without enabling FEATURE SECURE PROCESSING or disabling DTD processing. When...

9.1CVSS5.8AI score0.00515EPSS
Exploits0References22
Positive Technologies
Positive Technologies
added 2026/05/02 12:0 a.m.10 views

PT-2026-36636

Name of the Vulnerable Software and Affected Versions Apache OpenNLP versions prior to 2.5.9 Apache OpenNLP versions prior to 3.0.0-M3 Description The ExtensionLoader.instantiateExtensionClass, String function loads a class by its fully-qualified name using Class.forName and invokes its no-arg...

9.8CVSS6.1AI score0.00692EPSS
Exploits0References23
Rows per page
Query Builder