Lucene search
K

8 matches found

Snyk
Snyk
added 2026/07/03 11:17 a.m.4 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the Lucene.Net.Replicator process. An attacker can access arbitrary files on the server by submitting crafted requests containing path traversal sequences. Details A Directory Traversal attack also known as path...

8.9CVSS6.5AI score0.00703EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/03 7:48 a.m.8 views

EUVD-2026-41519

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Apache Lucene.Net Lucene.Net.Replicator library. This issue affects Apache Lucene.Net.Replicator: from 4.8.0-beta00005 through 4.8.0-beta00017. Users are recommended to upgrade to version 4.8.0-beta00018...

8.9CVSS5.9AI score0.00703EPSS
Exploits0References1
OSV
OSV
added 2026/07/03 7:48 a.m.3 views

CVE-2026-47897 Apache Lucene.Net: Arbitrary file write from malicious server to Lucene.Net.Replicator client

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Apache Lucene.Net Lucene.Net.Replicator library. This issue affects Apache Lucene.Net.Replicator: from 4.8.0-beta00005 before 4.8.0-beta00018. Users are recommended to upgrade to version 4.8.0-beta00018,...

8.9CVSS6.1AI score0.00616EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2025/02/14 4:31 a.m.2 views

SUSE CVE-2024-45772

Deserialization of Untrusted Data vulnerability in Apache Lucene Replicator. This issue affects Apache Lucene's replicator module: from 4.4.0 before 9.12.0. The deprecated org.apache.lucene.replicator.http package is affected. The org.apache.lucene.replicator.nrt package is not affected. Users ar...

8CVSS8.9AI score0.00582EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/11/07 12:0 a.m.23 views

The vulnerability of the Lucene.Net.Replicator replication utility for the .NET platform’s full-text search library allows a perpetrator to execute arbitrary code and gain unauthorized access to protected information.

The vulnerability of the Lucene.Net.Replicator replication utility for.NET platform’s full-text search library is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows an attacker to execute arbitrary code and gain unauthorized access to protected...

8CVSS6AI score0.01234EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2024/09/30 9:30 a.m.22 views

GHSA-G643-XQ6W-R67C Deserialization of Untrusted Data vulnerability in Apache Lucene Replicator.

This issue affects Apache Lucene's replicator module: from 4.4.0 before 9.12.0. The deprecated org.apache.lucene.replicator.http package is affected. The org.apache.lucene.replicator.nrt package is not affected. Users are recommended to upgrade to version 9.12.0, which fixes the issue. The...

5.1CVSS6.3AI score0.00582EPSS
Exploits0References4
OSV
OSV
added 2024/09/30 9:15 a.m.4 views

CVE-2024-45772

Deserialization of Untrusted Data vulnerability in Apache Lucene Replicator. This issue affects Apache Lucene's replicator module: from 4.4.0 before 9.12.0. The deprecated org.apache.lucene.replicator.http package is affected. The org.apache.lucene.replicator.nrt package is not affected. Users ar...

8CVSS5.8AI score0.00582EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/09/30 8:51 a.m.55 views

CVE-2024-45772 Apache Lucene Replicator: Security Vulnerability in Lucene Replicator - Deserialization Issue

Deserialization of Untrusted Data vulnerability in Apache Lucene Replicator. This issue affects Apache Lucene's replicator module: from 4.4.0 before 9.12.0. The deprecated org.apache.lucene.replicator.http package is affected. The org.apache.lucene.replicator.nrt package is not affected. Users ar...

5.1CVSS0.00582EPSS
Exploits0References1
Rows per page
Query Builder