Home page logo

oss-sec logo oss-sec mailing list archives

CVE Request: Apache Solr XXE
From: David Jorm <djorm () redhat com>
Date: Thu, 28 Nov 2013 23:55:17 -0500 (EST)

Hi All

Apache Solr 4.3.1, 4.4, 5.0 resolves multiple XXE flaws, as described in the following bugs:


I have confirmed that these issues can also be exploited on Apache Solr 3.6.2. Please assign a CVE ID for these XXE 
flaws (I think a single CVE ID is most appropriate).

David Jorm / Red Hat Security Response Team

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]