Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 533
Alerts This Week
Warning Icon 1 533

Debian 7 DLA-1360-1 Moderate: Lucene-Solr XXE File Access

debian lts
Calendar Grey April 24, 2018
Dist Debian Esm H88
A recently identified XML external entity expansion flaw in lucene-solr permits unauthorized file retrieval from the Solr server.
It was discovered that there was an XML external entity expansion (XXE) vulnerability in lucene-solr, a search engine library for Java

Summary

We recommend that you upgrade your lucene-solr packages.


Regards,

- --
,'`.
: :' : Chris Lamb
`. `'` lamby@debian.org / chris-lamb.co.uk
`-



Severity
important
Lowest
Low
Medium
High
Critical

Package: lucene-solr
Version: 3.6.0+dfsg-1+deb7u4
CVE ID: CVE-2018-1308
Debian Bug: #896604

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.