5 matches found
CVE-2022-0239
corenlp is vulnerable to Improper Restriction of XML External Entity Reference...
Oracle Business Intelligence Enterprise Edition (OAS 7.0) (July 2024 CPU)
The version of Oracle Business Intelligence Enterprise Edition OAS 7.0.0.0 installed on the remote host is affected by multiple vulnerabilities as referenced in the July 2024 CPU advisory, including the following: - Vulnerability in the Oracle Business Intelligence Enterprise Edition product of...
CVE-2022-0239
corenlp is vulnerable to Improper Restriction of XML External Entity Reference...
CVE-2022-0239
The CVE-2022-0239 entry pertains to Stanford CoreNLP (corenlp) with an XML External Entity (XXE) processing flaw. Root cause: SchemaFactory is created without secure processing enabled and is used to validate XML against a schema, enabling XXE when processing malicious XML. Impact (per public rec...
CVE-2022-0239 Improper Restriction of XML External Entity Reference in stanfordnlp/corenlp
corenlp is vulnerable to Improper Restriction of XML External Entity Reference...