8 matches found
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal via the Lucene.Net.Replicator process. An attacker can access arbitrary files on the server by submitting crafted requests containing path traversal sequences. Details A Directory Traversal attack also known as path...
EUVD-2026-41519
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Apache Lucene.Net Lucene.Net.Replicator library. This issue affects Apache Lucene.Net.Replicator: from 4.8.0-beta00005 through 4.8.0-beta00017. Users are recommended to upgrade to version 4.8.0-beta00018...
CVE-2026-47897 Apache Lucene.Net: Arbitrary file write from malicious server to Lucene.Net.Replicator client
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Apache Lucene.Net Lucene.Net.Replicator library. This issue affects Apache Lucene.Net.Replicator: from 4.8.0-beta00005 before 4.8.0-beta00018. Users are recommended to upgrade to version 4.8.0-beta00018,...
SUSE CVE-2024-45772
Deserialization of Untrusted Data vulnerability in Apache Lucene Replicator. This issue affects Apache Lucene's replicator module: from 4.4.0 before 9.12.0. The deprecated org.apache.lucene.replicator.http package is affected. The org.apache.lucene.replicator.nrt package is not affected. Users ar...
The vulnerability of the Lucene.Net.Replicator replication utility for the .NET platform’s full-text search library allows a perpetrator to execute arbitrary code and gain unauthorized access to protected information.
The vulnerability of the Lucene.Net.Replicator replication utility for.NET platform’s full-text search library is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows an attacker to execute arbitrary code and gain unauthorized access to protected...
GHSA-G643-XQ6W-R67C Deserialization of Untrusted Data vulnerability in Apache Lucene Replicator.
This issue affects Apache Lucene's replicator module: from 4.4.0 before 9.12.0. The deprecated org.apache.lucene.replicator.http package is affected. The org.apache.lucene.replicator.nrt package is not affected. Users are recommended to upgrade to version 9.12.0, which fixes the issue. The...
CVE-2024-45772
Deserialization of Untrusted Data vulnerability in Apache Lucene Replicator. This issue affects Apache Lucene's replicator module: from 4.4.0 before 9.12.0. The deprecated org.apache.lucene.replicator.http package is affected. The org.apache.lucene.replicator.nrt package is not affected. Users ar...
CVE-2024-45772 Apache Lucene Replicator: Security Vulnerability in Lucene Replicator - Deserialization Issue
Deserialization of Untrusted Data vulnerability in Apache Lucene Replicator. This issue affects Apache Lucene's replicator module: from 4.4.0 before 9.12.0. The deprecated org.apache.lucene.replicator.http package is affected. The org.apache.lucene.replicator.nrt package is not affected. Users ar...