Lucene search

Https://gitlab.com/gitlab-org/security-products/gemnasium-dbGITLAB-0115910E0445E2239062AC9C77204632

HistoryMay 17, 2022 - 12:00 a.m.

Apache Solr for TYPO3 (solr) extension is vulnerable to Insecure Unserialize

2022-05-1700:00:00

https://gitlab.com/gitlab-org/security-products/gemnasium-db

gitlab.com

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.003 Low

EPSS

Percentile

71.0%

JSON

Unspecified vulnerability in the Apache Solr for TYPO3 (solr) extension before 2.8.3 for TYPO3 has unknown impact and remote attack vectors, related to “Insecure Unserialize.”

Affected configurations

Vulners

Node

packagistsolrRange<2.8.3

CPENameOperatorVersion
packagist/apache-solr-for-typo3/solrlt2.8.3

CPE	Name	Operator	Version
	packagist/apache-solr-for-typo3/solr	lt	2.8.3

References

secunia.com/advisories/54978

typo3.org/extensions/repository/view/solr

typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2013-009/

www.securityfocus.com/bid/62674

github.com/advisories/GHSA-7m7g-jq4m-98w5

github.com/TYPO3-Solr/ext-solr/blob/2.8.3/ChangeLog

nvd.nist.gov/vuln/detail/CVE-2013-6288

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.003 Low

EPSS

Percentile

71.0%

JSON

Related for GITLAB-0115910E0445E2239062AC9C77204632