12 matches found
EUVD-2022-2310
Malicious code in bioql PyPI...
XML Injection in Apache Solr
The DocumentAnalysisRequestHandler in Apache Solr before 4.3.1 does not properly use the EmptyEntityResolver, which allows remote attackers to have an unspecified impact via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Enti...
Security Bulletin: Multiple vulnerabilities in Apache Solr affect IBM Rational ClearQuest (CVE-2013-6407, CVE-2013-6408)
Summary The Apache Solr that is shipped with IBM Rational ClearQuest contains multiple security vulnerabilities. IBM Rational ClearQuest has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2013-6407 DESCRIPTION: Apache Solr could allow a remote authenticated attacker to obtain...
Apache Solr < 5.0 Multiple XXE
Binary data 9943.prm...
[SECURITY] [DSA 2963-1] lucene-solr security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2963-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff June 17, 2014 http://www.debian.org/security/faq -...
Debian: Security Advisory (DSA-2963-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Important: Red Hat Security Advisory: Red Hat JBoss Data Grid 6.2.0 update
Red Hat JBoss Data Grid 6.2.0, which fixes multiple security issues, various bugs, and adds enhancements, is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base...
Solr: XML eXternal Entity (XXE) flaw in DocumentAnalysisRequestHandler
The DocumentAnalysisRequestHandler in Apache Solr before 4.3.1 does not properly use the EmptyEntityResolver, which allows remote attackers to have an unspecified impact via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Enti...
Apache Solr < 4.1.0 Multiple XML External Entity Injections
The version of Apache Solr running on the remote web server is affected by multiple XML external entity injection vulnerabilities because the XML parser accepts XML data containing external entity declarations from untrusted sources. A remote, unauthenticated attacker can exploit this flaw to gai...
Xxe
The 1 UpdateRequestHandler for XSLT or 2 XPathEntityProcessor in Apache Solr before 4.1 allows remote attackers to have an unspecified impact via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity XXE issue, different...
CVE-2013-6407
The UpdateRequestHandler for XML in Apache Solr before 4.1 allows remote attackers to have an unspecified impact via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity XXE issue...
CVE-2013-6407
CVE-2013-6407 (Apache Solr; Lucene-Solr) : The UpdateRequestHandler for XML in Solr before 4.1 is vulnerable to XML External Entity (XXE). A crafted XML with an external entity declaration and an entity reference can cause information disclosure. Affected: Solr/Lucene-Solr prior to 4.1. Root caus...