Package impact
Maven / org.apache.opennlp:opennlp-tools
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2026-42027 | critical | 9.8 | 9.8 | 24d ago | Apache OpenNLP ExtensionLoader Vulnerable to Arbitrary Class Instantiation via Model Manifest | |
| CVE-2017-12620 | critical | 9.8 | 9.8 | 9y ago | Improper Restriction of XML External Entity Reference in Apache OpenNLP | |
| CVE-2026-40682 | critical | 9.1 | 9.1 | 24d ago | Apache OpenNLP DictionaryEntryPersistor Vulnerable to XML External Entity (XXE) via Unsanitized Dictionary Parsing | |
| CVE-2026-42440 | high | 7.5 | 7.5 | 24d ago | Apache OpenNLP AbstractModelReader has an OOM Denial of Service via Unbounded Array Allocation |