Lucene search
@huntrdevCVELIST:CVE-2022-0239HistoryJan 17, 2022 - 6:15 a.m.
CVE-2022-0239 Improper Restriction of XML External Entity Reference in stanfordnlp/corenlp
2022-01-1706:15:11
CWE-611
@huntrdev
www.cve.org
2
corenlp
xml
entity restriction
vulnerability
CVSS3
4.7
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
AI Score
9.7
Confidence
High
EPSS
0.002
Percentile
62.3%
corenlp is vulnerable to Improper Restriction of XML External Entity Reference
CNA Affected
[
{
"product": "stanfordnlp/corenlp",
"vendor": "stanfordnlp",
"versions": [
{
"lessThan": "4.3.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]Related
huntr
huntr
in stanfordnlp/corenlp
2022-01-15 03:28:43
github
github
nvd
nvd
CVE-2022-0239
2022-01-17 07:15:06
cve
cve
CVE-2022-0239
2022-01-17 07:15:06
prion
prion
Xxe
2022-01-17 07:15:00
vulnrichment
vulnrichment
veracode
veracode
XML External Entity (XXE)
2022-01-18 04:14:50
osv
osv
nessus
nessus
Oracle Business Intelligence Enterprise Edition (OAS 7.0) (July 2024 CPU)
2024-07-22 00:00:00
qualysblog
qualysblog
Oracle Critical Patch Update, July 2024 Security Update Review
2024-07-17 14:34:50
ibm
ibm
oracle
oracle
Oracle Critical Patch Update Advisory - July 2024
2024-07-16 00:00:00
CVSS3
4.7
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
AI Score
9.7
Confidence
High
EPSS
0.002
Percentile
62.3%
Related for CVELIST:CVE-2022-0239