Lucene search
K

106 matches found

Chainguard
Chainguard
added 6 days ago7 views

GHSA-FF52-PH69-CF7X vulnerabilities

Vulnerabilities for packages: mongodb-kubernetes-operator, mountpoint-s3-csi-driver, nri-haproxy, kubernetes-dashboard-metrics-scraper-fips, ollama-fips, kapp-controller, crossplane-provider-aws-cloudfront-fips, infinispan-operator, azuredisk-csi-fips, crossplane-provider-aws-cloudsearch-fips,...

6.1AI score
Exploits0
Snyk
Snyk
added 2026/07/03 11:17 a.m.4 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the Lucene.Net.Replicator process. An attacker can access arbitrary files on the server by submitting crafted requests containing path traversal sequences. Details A Directory Traversal attack also known as path...

8.9CVSS6.5AI score0.00703EPSS
Exploits0References2
Snyk
Snyk
added 2026/07/03 9:19 a.m.6 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the Lucene.Net.Replicator process. An attacker can write arbitrary files to the client system by sending specially crafted data from a malicious server. Details A Directory Traversal attack also known as path...

8.9CVSS6.5AI score0.00616EPSS
Exploits0References2
NVD
NVD
added 2026/07/03 9:16 a.m.11 views

CVE-2026-47896

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Apache Lucene.Net Lucene.Net.Replicator library. This issue affects Apache Lucene.Net.Replicator: from 4.8.0-beta00005 through 4.8.0-beta00017. Users are recommended to upgrade to version 4.8.0-beta00018...

8.9CVSS0.00703EPSS
Exploits0References2
NVD
NVD
added 2026/07/03 8:16 a.m.7 views

CVE-2026-47897

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Apache Lucene.Net Lucene.Net.Replicator library. This issue affects Apache Lucene.Net.Replicator: from 4.8.0-beta00005 before 4.8.0-beta00018. Users are recommended to upgrade to version 4.8.0-beta00018,...

8.9CVSS0.00616EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/07/03 7:48 a.m.51 views

CVE-2026-47896 Apache Lucene.Net: Unauthenticated arbitrary file read on the Lucene.Net.Replicator replication server

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Apache Lucene.Net Lucene.Net.Replicator library. This issue affects Apache Lucene.Net.Replicator: from 4.8.0-beta00005 through 4.8.0-beta00017. Users are recommended to upgrade to version 4.8.0-beta00018...

8.9CVSS0.00703EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/03 7:48 a.m.6 views

CVE-2026-47896

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Apache Lucene.Net Lucene.Net.Replicator library. This issue affects Apache Lucene.Net.Replicator: from 4.8.0-beta00005 through 4.8.0-beta00017. Users are recommended to upgrade to version 4.8.0-beta00018...

8.9CVSS5.9AI score0.00703EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/03 7:48 a.m.8 views

EUVD-2026-41519

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Apache Lucene.Net Lucene.Net.Replicator library. This issue affects Apache Lucene.Net.Replicator: from 4.8.0-beta00005 through 4.8.0-beta00017. Users are recommended to upgrade to version 4.8.0-beta00018...

8.9CVSS5.9AI score0.00703EPSS
Exploits0References1
OSV
OSV
added 2026/07/03 7:48 a.m.4 views

CVE-2026-47896 Apache Lucene.Net: Unauthenticated arbitrary file read on the Lucene.Net.Replicator replication server

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Apache Lucene.Net Lucene.Net.Replicator library. This issue affects Apache Lucene.Net.Replicator: from 4.8.0-beta00005 through 4.8.0-beta00017. Users are recommended to upgrade to version 4.8.0-beta00018...

8.9CVSS6.1AI score0.00703EPSS
Exploits0References5
CVE
CVE
added 2026/07/03 7:48 a.m.22 views

CVE-2026-47896

The CVE-2026-47896 entry concerns Apache Lucene.Net.Replicator. Affected versions are 4.8.0-beta00005 through 4.8.0-beta00017, with a fix in 4.8.0-beta00018. The root cause is an improper limitation of a pathname to a restricted directory, i.e., a path traversal vulnerability. The CVE record on C...

8.9CVSS5.9AI score0.00703EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/07/03 7:48 a.m.46 views

CVE-2026-47897 Apache Lucene.Net: Arbitrary file write from malicious server to Lucene.Net.Replicator client

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Apache Lucene.Net Lucene.Net.Replicator library. This issue affects Apache Lucene.Net.Replicator: from 4.8.0-beta00005 before 4.8.0-beta00018. Users are recommended to upgrade to version 4.8.0-beta00018,...

8.9CVSS0.00616EPSS
Exploits0References1
OSV
OSV
added 2026/07/03 7:48 a.m.3 views

CVE-2026-47897 Apache Lucene.Net: Arbitrary file write from malicious server to Lucene.Net.Replicator client

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Apache Lucene.Net Lucene.Net.Replicator library. This issue affects Apache Lucene.Net.Replicator: from 4.8.0-beta00005 before 4.8.0-beta00018. Users are recommended to upgrade to version 4.8.0-beta00018,...

8.9CVSS6.1AI score0.00616EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/07/03 7:48 a.m.10 views

CVE-2026-47897

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Apache Lucene.Net Lucene.Net.Replicator library. This issue affects Apache Lucene.Net.Replicator: from 4.8.0-beta00005 before 4.8.0-beta00018. Users are recommended to upgrade to version 4.8.0-beta00018,...

8.9CVSS5.9AI score0.00616EPSS
Exploits0References2
CVE
CVE
added 2026/07/03 7:48 a.m.20 views

CVE-2026-47897

CVE-2026-47897 is a path traversal vulnerability in Apache Lucene.Net.Replicator. Affected: Lucene.Net.Replicator library (versions from 4.8.0-beta00005 up to, but before, 4.8.0-beta00018). Root cause: improper limitation of a pathname to a restricted directory, enabling potential access to restr...

8.9CVSS5.9AI score0.00616EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.26 views

PT-2026-55504

Name of the Vulnerable Software and Affected Versions Apache Lucene.Net.Replicator versions 4.8.0-beta00005 through 4.8.0-beta00017 Description A path traversal issue exists in the Lucene.Net.Replicator library due to improper input validation and sanitization of filesystem paths. This allows...

8.9CVSS5.9AI score0.00616EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.13 views

PT-2026-55516

Name of the Vulnerable Software and Affected Versions Apache Lucene.Net.Replicator versions 4.8.0-beta00005 through 4.8.0-beta00017 Description A Path Traversal issue exists in the Lucene.Net.Replicator library, which allows an unauthenticated user to perform an arbitrary file read on the...

8.9CVSS6.1AI score0.00703EPSS
Exploits0References8
Wolfi
Wolfi
added 2026/04/11 2:51 a.m.12 views

CVE-2026-32281 vulnerabilities

Vulnerabilities for packages: kube-fluentd-operator, karpenter, amazon-cloudwatch-agent-operator, buf, git-sync, chezmoi, act, kube-vip, kafkaexporter, nri-couchbase, k8ssandra-client, splunk-otel-collector, kubernetes-ingress-defaultbackend, smarter-device-manager, crossplane-provider-azure-sql,...

7.5CVSS6.9AI score0.00349EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/04/02 4:57 p.m.6 views

CVE-2026-2265

An unauthenticated remote code execution RCE vulnerability exists in applications that use the Replicator node package manager npm version 1.0.5 to deserialize untrusted user input and execute the resulting object...

6.5CVSS6.5AI score0.00368EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2026/04/01 6:36 p.m.7 views

@belym.a.2105/testcafe (>=0.13.0-nightly.96bf9c47 <=1.15.0-alpha.4), @benbender/jest-config (>=0.1.0 <=0.6.0) +131 more potentially affected by CVE-2026-2265 via replicator (=1.0.5)

replicator NPM version =1.0.5 is affected by a known vulnerability. The following packages have a transitive dependency on replicator and may be impacted: - @belym.a.2105/testcafe =0.13.0-nightly.96bf9c47, =0.1.0, =1.8.5, =0.1.0-alpha.1, =1.1.4-alpha.30, =0.0.49, =3.7.4-depup.0, =0.0.0, =1.0.1,...

6.5CVSS5.8AI score0.00368EPSS
Exploits0
EUVD
EUVD
added 2026/04/01 6:36 p.m.4 views

EUVD-2026-17958

An unauthenticated remote code execution RCE vulnerability exists in applications that use the Replicator node package manager npm version 1.0.5 to deserialize untrusted user input and execute the resulting object...

6.5CVSS6.5AI score0.00368EPSS
Exploits0References4
Rows per page
Query Builder