Vulnerabilities > Apache > Opennlp > Critical

DATE CVE VULNERABILITY TITLE RISK
2017-10-03 CVE-2017-12620 XXE vulnerability in Apache Opennlp
When loading models or dictionaries that contain XML it is possible to perform an XXE attack, since Apache OpenNLP is a library, this only affects applications that load models or dictionaries from untrusted sources.
network
low complexity
apache CWE-611
critical
9.8