Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-353m-jh2m-72v4: Code injection in stanford-parser

stanford-parser v3.9.2 and below was discovered to contain a code injection vulnerability in the component edu.stanford.nlp.io.getBZip2PipedInputStream. This vulnerability is exploited via passing an unchecked argument.

ghsa
#vulnerability#git

Code injection in stanford-parser

Critical severity GitHub Reviewed Published Jul 28, 2023 to the GitHub Advisory Database • Updated Aug 3, 2023

Related news

CVE-2023-39020: My-CVE-Public-References/edu_stanford_nlp_stanford-parser at main · LetianYuan/My-CVE-Public-References

stanford-parser v3.9.2 and below was discovered to contain a code injection vulnerability in the component edu.stanford.nlp.io.getBZip2PipedInputStream. This vulnerability is exploited via passing an unchecked argument.

ghsa: Latest News

GHSA-hqmp-g7ph-x543: TunnelVision - decloaking VPNs using DHCP