pkg:Maven/org.apache.opennlp:opennlp-tools

All known vulnerabilities

• CRITICAL9.8CVE-2026-42027Apache OpenNLP ExtensionLoader Vulnerable to Arbitrary Class Instantiation via Model Manifest
  from 0, < 2.5.9
• CRITICAL9.8CVE-2017-12620Improper Restriction of XML External Entity Reference in Apache OpenNLP
  >= 1.5.0, < 1.8.2
• CRITICAL9.1CVE-2026-40682Apache OpenNLP DictionaryEntryPersistor Vulnerable to XML External Entity (XXE) via Unsanitized Dictionary Parsing
  from 0, < 2.5.9
• HIGH7.5Apache OpenNLP AbstractModelReader has an OOM Denial of Service via Unbounded Array Allocation
  from 0, < 2.5.9