Lucene search
K

85 matches found

Positive Technologies
Positive Technologies
added 2023/11/14 12:0 a.m.4 views

PT-2023-35583 · Apache · Apache Lucene

Name of the Vulnerable Software and Affected Versions: Apache Lucene affected versions not specified Description: A security exception crash has been reported in Apache Lucene. The crash occurs in the org.apache.lucene.util.ArrayUtil.growExact function, which is called by...

7AI score
Exploits0References2
OSV
OSV
added 2023/09/20 2:1 p.m.8 views

OSV-2023-883 Security exception in org.apache.lucene.util.ArrayUtil.copyOfSubArray

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62524 Crash type: Security exception Crash state: org.apache.lucene.util.ArrayUtil.copyOfSubArray org.apache.lucene.util.BytesRef.deepCopyOf org.apache.lucene.index.Term...

7.1AI score
Exploits0References1
OSV
OSV
added 2023/09/06 2:0 p.m.10 views

OSV-2023-793 Security exception in org.apache.lucene.util.BytesRefBuilder.<init>

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62034 Crash type: Security exception Crash state: org.apache.lucene.util.BytesRefBuilder. org.apache.lucene.analysis.tokenattributes.CharTermAttributeImpl.clone...

7.1AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/09/06 12:0 a.m.5 views

PT-2023-35994 · Apache · Apache Lucene

Name of the Vulnerable Software and Affected Versions: Apache Lucene affected versions not specified Description: A security exception crash has been reported. The crash involves the org.apache.lucene.util.BytesRefBuilder constructor, and the clone methods of...

7AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/08/17 12:0 a.m.4 views

PT-2023-35956 · Apache · Apache Lucene

Name of the Vulnerable Software and Affected Versions: Apache Lucene affected versions not specified Description: The issue is related to a security exception in the org.apache.lucene.util.automaton.RegExp.toAutomaton function. It involves the java.base/java.util.BitSet.ensureCapacity and...

6.9AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/08/14 12:0 a.m.3 views

PT-2023-35954 · Apache · Apache Lucene

Name of the Vulnerable Software and Affected Versions: Apache Lucene affected versions not specified Description: A security exception crash has been reported in Apache Lucene. The crash occurs in the CharTermAttributeImpl.clone and PackedTokenAttributeImpl.clone functions. Recommendations: At th...

7AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/07/31 12:0 a.m.2 views

PT-2023-35928 · Apache · Apache Lucene

Name of the Vulnerable Software and Affected Versions: Apache Lucene affected versions not specified Description: The issue is related to a security exception in the org.apache.lucene.util.automaton.RegExp.toAutomaton function. It involves the java.base/java.util.BitSet.ensureCapacity and...

6.9AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/07/23 12:0 a.m.2 views

PT-2023-35923 · Apache · Apache Lucene

Name of the Vulnerable Software and Affected Versions: Apache Lucene affected versions not specified Description: The issue is related to a security exception in the org.apache.lucene.util.automaton.RegExp.toAutomaton function. It involves the java.base/java.util.BitSet.ensureCapacity and...

6.9AI score
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/06 11:31 a.m.13 views

Security Bulletin: Denial of Service Vulnerability in Apache Solr used by IBM Operations Analytics - Log Analysis

Summary There is a potential denial of service in Apache Solr that is used by IBM Operations Analytics - Log Analysis Vulnerability Details IBM X-Force ID: 216835 DESCRIPTION: Apache Lucene is vulnerable to a denial of service. By sending a specific regular expression query, a remote attacker cou...

6.9AI score
Exploits0Affected Software1
OSV
OSV
added 2023/07/01 2:0 p.m.4 views

OSV-2023-533 Security exception in org.apache.lucene.util.ArrayUtil.growExact

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=60248 Crash type: Security exception Crash state: org.apache.lucene.util.ArrayUtil.growExact org.apache.lucene.util.ArrayUtil.grow org.apache.lucene.util.BytesRefBuilder.grow...

7.1AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/07/01 12:0 a.m.3 views

PT-2023-35892 · Apache · Apache Lucene

Name of the Vulnerable Software and Affected Versions: Apache Lucene affected versions not specified Description: A security exception crash has been reported in Apache Lucene. The crash occurs in the org.apache.lucene.util.ArrayUtil.growExact function, which is called by...

7AI score
Exploits0References2
OSV
OSV
added 2023/05/19 2:2 p.m.17 views

OSV-2023-408 Security exception in org.apache.lucene.util.ArrayUtil.growExact

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=59071 Crash type: Security exception Crash state: org.apache.lucene.util.ArrayUtil.growExact org.apache.lucene.util.ArrayUtil.grow org.apache.lucene.util.BytesRefBuilder.grow...

7.1AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/05/19 12:0 a.m.6 views

PT-2023-35834 · Apache · Apache Lucene

Name of the Vulnerable Software and Affected Versions: Apache Lucene affected versions not specified Description: A security exception crash has been reported in Apache Lucene. The crash occurs in the org.apache.lucene.util.ArrayUtil.growExact function, which is called by...

7AI score
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/02 8:39 p.m.14 views

Security Bulletin: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in Apache Lucene

Summary IBM Watson Discovery Cartridge for IBM Cloud Pak for Data contains a vulnerable version of Apache Lucene. Vulnerability Details IBM X-Force ID: 216835 DESCRIPTION: Apache Lucene is vulnerable to a denial of service. By sending a specific regular expression query, a remote attacker could...

6.9AI score
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/03/24 9:4 p.m.104 views

Security Bulletin: IBM Cognos Analytics has addressed multiple vulnerabilities (CVE-2020-7789, CVE-2020-7598, CVE-2021-44906 , XFID: 216835, XFID: 220063)

Summary Security vulnerabilities have been addressed in IBM Cognos Analytics 11.2.4 FP1 These vulnerabilities have also been previously addressed in IBM Cognos Analytics 11.1.7 FP6 where applicable. The following 3rd party components are used by IBM Cognos Analytics: Apache Lucene is a...

9.8CVSS9.3AI score0.04581EPSS
Exploits3Affected Software2
F5 Networks
F5 Networks
added 2023/02/21 8:0 p.m.108 views

K10631153: Apache Solr vulnerability CVE-2017-12629

Security Advisory Description Remote code execution occurs in Apache Solr before 7.1 with Apache Lucene before 7.1 by exploiting XXE in conjunction with use of a Config API add-listener command to reach the RunExecutableListener class. Elasticsearch, although it uses Lucene, is NOT vulnerable to...

9.8CVSS9AI score0.91896EPSS
Exploits11
CNVD
CNVD
added 2021/06/29 12:0 a.m.30 views

Unauthorized Access Vulnerability in Apache Solr

Apache Solr is an open source search service , using the Java language development , mainly based on HTTP and Apache Lucene implementation . An unauthorized access vulnerability exists in Apache Solr, which can be exploited by attackers to obtain sensitive information...

6.8AI score
Exploits0
OpenVAS
OpenVAS
added 2020/09/02 12:0 a.m.15 views

Fedora: Security Advisory for lucene (FEDORA-2020-cf8ef2f333)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.7AI score
Exploits0References2
Fedora
Fedora
added 2020/08/31 3:50 p.m.41 views

[SECURITY] Fedora 32 Update: lucene-8.4.1-9.fc32

Apache Lucene is a high-performance, full-featured text search engine library written entirely in Java. It is a technology suitable for nearly any application that requires full-text search, especially cross-platform...

9.4CVSS2.3AI score0.11138EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2020/01/22 12:0 a.m.26 views

Apache Solr < 7.1.0 Remote Code Execution

Remote code execution occurs in Apache Solr versions 7.1.0 with Apache Lucene 7.1.0 by exploiting XXE in conjunction with use of a Config API add-listener command to reach the RunExecutableListener class. This can be exploited to upload malicious data to the /upload request handler or as Blind XX...

9.8CVSS7.8AI score0.91896EPSS
Exploits11References2
Rows per page
Query Builder