Lucene search
+L

85 matches found

nvd
nvd
added 2026/07/03 8:16 a.m.5 views

CVE-2026-47898

Improper Restriction of XML External Entity Reference vulnerability in Apache Lucene.Net Lucene.Net.Analysis.Common library. This issue affects Apache Lucene.Net.Analysis.Common: from 4.8.0-beta00005 before 4.8.0-beta00018. Users are recommended to upgrade to version 4.8.0-beta00018, which fixes...

9.8CVSS0.00328EPSS
Exploits0References2
osv
osv
added 2026/03/05 12:18 a.m.11 views

OSV-2026-356 Security exception in org.apache.lucene.util.ArrayUtil.copyOfSubArray

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=489370855 Crash type: Security exception Crash state: org.apache.lucene.util.ArrayUtil.copyOfSubArray org.apache.lucene.util.BytesRef.deepCopyOf org.apache.lucene.index.Term...

5.8AI score
Exploits0References1
ibm
ibm
added 2026/02/12 10:35 a.m.27 views

Security Bulletin: Apache Lucene PRISMA-2021-0081 X-Force 216835 security vulnerability

Summary Apache Lucene PRISMA-2021-0081 X-Force 216835 security vulnerability in FileNet Content Manager FNCM Content Search Services CSS/Enterprise Content Management Text Search ECMTS. CSS/ECMTS is affected and is potentially vulnerable. Vulnerability Details Refer to the security bulletins list...

7.8AI score
Exploits0Affected Software1
ibm
ibm
added 2025/12/01 3:39 p.m.7 views

Security Bulletin: IBM webMethods BPM is vulnerable to a denial of service due to Apache Lucene

Summary IBM webMethods BPM uses Apache Lucene in designer-process-feature and metadata-core-feature for text processing and filtering purpose. Vulnerability Details IBM X-Force ID: 216835 DESCRIPTION: Apache Lucene is vulnerable to a denial of service. By sending a specific regular expression...

6.7AI score
Exploits0Affected Software1
euvd
euvd
added 2025/10/03 8:7 p.m.8 views

EUVD-2024-2793

Malicious code in bioql PyPI...

8CVSS8.3AI score0.00582EPSS
Exploits0References4
euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-31363

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00423EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2025/05/31 12:0 a.m.8 views

PT-2025-25487 · Git +1 · Lucene

Name of the Vulnerable Software and Affected Versions: Apache Lucene affected versions not specified Description: The software experiences a security exception during the cloning process within the org.apache.lucene.util.AttributeImpl and org.apache.lucene.util.AttributeSource$State classes. The...

7AI score
Exploits0References2
redhatcve
redhatcve
added 2025/05/23 8:7 a.m.21 views

CVE-2024-45772

Deserialization of Untrusted Data vulnerability in Apache Lucene Replicator. This issue affects Apache Lucene's replicator module: from 4.4.0 before 9.12.0. The deprecated org.apache.lucene.replicator.http package is affected. The org.apache.lucene.replicator.nrt package is not affected. Users ar...

8CVSS6.7AI score0.00582EPSS
Exploits0
osv
osv
added 2025/05/09 12:19 a.m.6 views

OSV-2025-348 Security exception in org.apache.lucene.analysis.miscellaneous.ConcatenateGraphFilter$BytesRefBuilderT

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=416302801 Crash type: Security exception Crash state: org.apache.lucene.analysis.miscellaneous.ConcatenateGraphFilter$BytesRefBuilderT org.apache.lucene.analysis.miscellaneous.ConcatenateGraphFilter$BytesRefBuilderT...

7.1AI score
Exploits0References1
osv
osv
added 2025/04/03 12:17 a.m.6 views

OSV-2025-253 Security exception in org.apache.lucene.analysis.ckb.SoraniNormalizer.normalize

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=407477665 Crash type: Security exception Crash state: org.apache.lucene.analysis.ckb.SoraniNormalizer.normalize org.apache.lucene.analysis.ckb.SoraniNormalizationFilter.incrementToken...

7.1AI score
Exploits0References1
osv
osv
added 2025/03/16 12:2 a.m.4 views

OSV-2025-207 Security exception in org.apache.lucene.analysis.tokenattributes.CharTermAttributeImpl.clone

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=403330010 Crash type: Security exception Crash state: org.apache.lucene.analysis.tokenattributes.CharTermAttributeImpl.clone org.apache.lucene.analysis.tokenattributes.PackedTokenAttributeImpl.clone...

7.1AI score
Exploits0References1
ibm
ibm
added 2025/02/27 1:14 p.m.6 views

Security Bulletin: Vulnerability in Apache Lucene affects watsonx.data

Summary Apache Lucene is vulnerable to a denial of service attack and could affect watsonx.data. Vulnerability Details IBM X-Force ID: 216835 DESCRIPTION: Apache Lucene is vulnerable to a denial of service. By sending a specific regular expression query, a remote attacker could exploit this...

6.8AI score
Exploits0Affected Software1
osv
osv
added 2024/11/01 12:7 a.m.10 views

OSV-2024-1254 Security exception in org.apache.lucene.util.ArrayUtil.growExact

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=376504918 Crash type: Security exception Crash state: org.apache.lucene.util.ArrayUtil.growExact org.apache.lucene.util.ArrayUtil.grow org.apache.lucene.util.BytesRefBuilder.grow...

7.1AI score
Exploits0References1
ptsecurity
ptsecurity
added 2024/11/01 12:0 a.m.4 views

PT-2024-40621 · Apache · Apache Lucene

Name of the Vulnerable Software and Affected Versions: Apache Lucene affected versions not specified Description: A security exception crash has been reported in Apache Lucene. The crash occurs in the org.apache.lucene.util.ArrayUtil.growExact function, which is called by...

7AI score
Exploits0References2
cve
cve
added 2024/10/31 9:57 a.m.94 views

CVE-2024-43383

The CVE-2024-43383 entry describes a Deserialization of Untrusted Data vulnerability in Apache Lucene.NET’s Replicator library. Affected versions are 4.8.0-beta00005 through 4.8.0-beta00016; an attacker who can intercept replication traffic or control the target replication node URL can craft a J...

8.1CVSS8.1AI score0.01234EPSS
Exploits0References2Affected Software1
osv
osv
added 2024/10/31 9:57 a.m.14 views

CVE-2024-43383 Apache Lucene.Net.Replicator: Remote Code Execution in Lucene.Net.Replicator

Deserialization of Untrusted Data vulnerability in Apache Lucene.Net.Replicator. This issue affects Apache Lucene.NET's Replicator library: from 4.8.0-beta00005 through 4.8.0-beta00016. An attacker that can intercept traffic between a replication client and server, or control the target replicati...

8CVSS7.8AI score0.01234EPSS
Exploits0References5
cnnvd
cnnvd
added 2024/10/31 12:0 a.m.8 views

Apache Lucene 安全漏洞

Apache Lucene is a free open source search engine software library from the Apache Foundation. A security vulnerability exists in Apache Lucene versions 4.8.0-beta00005 through 4.8.0-beta00016, which stems from the presence of an untrustworthy data deserialization vulnerability that could lead to...

8.1CVSS7.7AI score0.01234EPSS
Exploits0References1
ibm
ibm
added 2024/10/22 10:20 a.m.15 views

Security Bulletin: Apache Lucene denial of service Vulnerability Affects IBM Jazz Reporting Service

Summary There is a vulnerability in Apache Lucene used by IBM Jazz Reporting Service. This vulnerability has been addressed. 216835 Vulnerability Details IBM X-Force ID: 216835 DESCRIPTION: Apache Lucene is vulnerable to a denial of service. By sending a specific regular expression query, a remot...

6.8AI score
Exploits0Affected Software1
cnvd
cnvd
added 2024/10/17 12:0 a.m.6 views

Apache Lucene Deserialization Vulnerability

Apache Lucene is the United States Apache Apache Foundation, a free open source search engine software library. Apache Lucene suffers from a deserialization vulnerability that arises from unsafe deserialization of serialized data received by an application from a user, which can be exploited by a...

8CVSS7.2AI score0.00582EPSS
Exploits0References1
osv
osv
added 2024/10/09 12:4 a.m.8 views

OSV-2024-1191 Security exception in org.apache.lucene.analysis.miscellaneous.ASCIIFoldingFilter.foldToASCII

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=371931330 Crash type: Security exception Crash state: org.apache.lucene.analysis.miscellaneous.ASCIIFoldingFilter.foldToASCII org.apache.lucene.analysis.miscellaneous.ASCIIFoldingFilter.foldToASCII...

7.1AI score
Exploits0References1
Rows per page
Query Builder