Lucene search
Ubuntu.comUB:CVE-2013-6397HistoryDec 07, 2013 - 12:00 a.m.
CVE-2013-6397
2013-12-0700:00:00
ubuntu.com
ubuntu.com
19
0.528 Medium
EPSS
Percentile
97.6%
Directory traversal vulnerability in SolrResourceLoader in Apache Solr
before 4.6 allows remote attackers to read arbitrary files via a … (dot
dot) or full pathname in the tr parameter to solr/select/, when the
response writer (wt parameter) is set to XSLT. NOTE: this can be leveraged
using a separate XXE (XML eXternal Entity) vulnerability to allow access to
files across restricted network boundaries.
Related
osv
osv
Improper Limitation of a Pathname to a Restricted Directory in Apache Solr
2022-05-17 04:04:29
lucene-solr - security update
2014-06-17 00:00:00
cve
cve
CVE-2013-6397
2013-12-07 20:55:00
checkpoint_advisories
checkpoint_advisories
Apache Solr SolrResourceLoader Directory Traversal (CVE-2013-6397)
2013-12-30 00:00:00
cvelist
cvelist
CVE-2013-6397
2013-12-07 20:00:00
github
github
Improper Limitation of a Pathname to a Restricted Directory in Apache Solr
2022-05-17 04:04:29
nessus
nessus
Apache Solr < 4.6.0 'SolrResourceLoader' Directory Traversal
2014-01-07 00:00:00
Debian DSA-2963-1 : lucene-solr - security update
2014-06-18 00:00:00
openvas
openvas
Apache Solr Directory Traversal Vulnerability (SOLR-4882, SOLR-5520) - Linux
2014-01-29 00:00:00
Debian Security Advisory DSA 2963-1 (lucene-solr - security update)
2014-06-17 00:00:00
prion
prion
Directory traversal
2013-12-07 20:55:00
debiancve
debiancve
CVE-2013-6397
2013-12-07 20:55:00
debian
debian
[SECURITY] [DSA 2963-1] lucene-solr security update
2014-06-17 19:32:28
securityvulns
securityvulns
Vulnerabilities in Apache Solr < 4.6.0
2014-01-09 00:00:00
redhat
redhat
(RHSA-2014:0029) Important: Red Hat JBoss Data Grid 6.2.0 update
2014-01-15 17:38:16