Home page logo
/

oss-sec logo oss-sec mailing list archives

CVE Request: Apache Solr XXE
From: David Jorm <djorm () redhat com>
Date: Thu, 28 Nov 2013 23:55:17 -0500 (EST)

Hi All

Apache Solr 4.3.1, 4.4, 5.0 resolves multiple XXE flaws, as described in the following bugs:

https://issues.apache.org/jira/browse/SOLR-3895
https://issues.apache.org/jira/browse/SOLR-4881

I have confirmed that these issues can also be exploited on Apache Solr 3.6.2. Please assign a CVE ID for these XXE 
flaws (I think a single CVE ID is most appropriate).

Thanks
-- 
David Jorm / Red Hat Security Response Team


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]