Lucene search
K

4 matches found

vulnersOsv
vulnersOsv
added 2022/05/17 12:29 a.m.6 views

ae.teletronics.nlp:entityextraction (=1.3), at.researchstudio.sat:won-matcher-rescal (>=0.3 <=0.6) +542 more potentially affected by CVE-2017-12620 via org.apache.opennlp:opennlp-tools (>=1.5.2-incubating <=1.8.1)

org.apache.opennlp:opennlp-tools MAVEN version =1.5.2-incubating, =0.3, =0.2, =3.6.1, =3.11.0, =2.0.0, =2.0.0, =1.1, =0.3, =0.2, =0.6, =0.8 - com.blazemeter:jmeter-plugins-rotating-listener =0.2 - com.centit.support:centit-es-client =0.1.1806 and more Source cves: CVE-2017-12620 Source advisory:...

9.8CVSS7.2AI score0.03016EPSS
Exploits5
IBM Security Bulletins
IBM Security Bulletins
added 2021/10/14 9:21 p.m.54 views

Security Bulletin: IBM Cognos Analytics with Watson 11.2.1 has addressed multiple vulnerabilities

Summary Security vulnerabilities have been addressed in IBM Cognos Analytics with Watson 11.2.1 Vulnerability Details CVEID: CVE-2017-12620 DESCRIPTION: Apache OpenNLP could allow a remote attacker to obtain sensitive information, caused by an XXE attack when loading models or dictionaries that...

9.8CVSS10.6AI score0.48019EPSS
Exploits11Affected Software1
0day.today
0day.today
added 2017/10/04 12:0 a.m.47 views

Apache OpenNLP XXE Vulnerability

Exploit for multiple platform in category remote exploits CVE-2017-12620 - Apache OpenNLP XXE vulnerability Severity: Medium Vendor: The Apache Software Foundation Versions Affected: OpenNLP 1.5.0 to 1.5.3 OpenNLP 1.6.0 OpenNLP 1.7.0 to 1.7.2 OpenNLP 1.8.0 to 1.8.1 Description: When loading model...

7.5CVSS9.3AI score0.03016EPSS
Exploits5
NVD
NVD
added 2017/10/03 1:29 a.m.12 views

CVE-2017-12620

When loading models or dictionaries that contain XML it is possible to perform an XXE attack, since Apache OpenNLP is a library, this only affects applications that load models or dictionaries from untrusted sources. The versions 1.5.0 to 1.5.3, 1.6.0, 1.7.0 to 1.7.2, 1.8.0 to 1.8.1 of Apache...

9.8CVSS9.4AI score0.03016EPSS
Exploits5References1
Rows per page
Query Builder