Lucene search
GoogleOSV:GHSA-998J-J6V9-5846HistoryMay 17, 2022 - 4:39 a.m.
Apache Solr UpdateRequestHandler for XML resolves XML External Entities
2022-05-1704:39:49
Google
osv.dev
12
0.002 Low
EPSS
Percentile
61.9%
The UpdateRequestHandler for XML in Apache Solr before 4.1 allows remote attackers to have an unspecified impact via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
References
rhn.redhat.com/errata/RHSA-2013-1844.html
rhn.redhat.com/errata/RHSA-2014-0029.html
secunia.com/advisories/55542
secunia.com/advisories/59372
svn.apache.org/viewvc/lucene/dev/branches/branch_4x/solr/CHANGES.txt?view=markup
www.openwall.com/lists/oss-security/2013/11/29/2
github.com/apache/lucene-solr
github.com/apache/lucene-solr/commit/f230486ce6707762c1a6e81655d0fac52887906d
issues.apache.org/jira/browse/SOLR-3895
nvd.nist.gov/vuln/detail/CVE-2013-6407
Related
nvd
nvd
debiancve
debiancve
cve
cve
github
github
Apache Solr UpdateRequestHandler for XML resolves XML External Entities
2022-05-17 04:39:49
XML Injection in Apache Solr
2022-05-17 04:39:49
Improper Restriction of XML External Entity Reference in Apache Solr
2022-05-17 04:50:16
ubuntucve
ubuntucve
cvelist
cvelist
ibm
ibm
openvas
openvas
nessus
nessus
Apache Solr < 4.3.1 XML External Entity Injection
2014-01-07 00:00:00
Apache Solr < 4.1.0 Multiple XML External Entity Injections
2014-01-07 00:00:00
Debian DSA-2963-1 : lucene-solr - security update
2014-06-18 00:00:00
osv
osv
XML Injection in Apache Solr
2022-05-17 04:39:49
Improper Restriction of XML External Entity Reference in Apache Solr
2022-05-17 04:50:16
lucene-solr - security update
2014-06-17 00:00:00
securityvulns
securityvulns
Vulnerabilities in Apache Solr < 4.6.0
2014-01-09 00:00:00
debian
debian
[SECURITY] [DSA 2963-1] lucene-solr security update
2014-06-17 19:32:03
redhat
redhat
(RHSA-2014:0029) Important: Red Hat JBoss Data Grid 6.2.0 update
2014-01-15 17:38:16