Download
| Alert*
oval:org.secpod.oval:def:504957
Apache Lucene is a high-performance, full-featured text search engine library written entirely in Java. It is a technology suitable for nearly any application that requires full-text search, especially cross-platform. Security Fix: * It was discovered that Lucene"s XML query parser did not properly ... oval:org.secpod.oval:def:504936 Apache Lucene is a high-performance, full-featured text search engine library written entirely in Java. It is a technology suitable for nearly any application that requires full-text search, especially cross-platform. Security Fix: * It was discovered that Lucene"s XML query parser did not properly ... oval:org.secpod.oval:def:61796 lucene-solr: Full-text search engine library for Java - additional libraries Apache Solr could be made to run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:113637 Apache Lucene is a high-performance, full-featured text search engine library written entirely in Java. It is a technology suitable for nearly any application that requires full-text search, especially cross-platform. oval:org.secpod.oval:def:113618 Apache Lucene is a high-performance, full-featured text search engine library written entirely in Java. It is a technology suitable for nearly any application that requires full-text search, especially cross-platform. oval:org.secpod.oval:def:113404 Apache Lucene is a high-performance, full-featured text search engine library written entirely in Java. It is a technology suitable for nearly any application that requires full-text search, especially cross-platform. oval:org.secpod.oval:def:113488 Apache Lucene is a high-performance, full-featured text search engine library written entirely in Java. It is a technology suitable for nearly any application that requires full-text search, especially cross-platform. oval:org.secpod.oval:def:53262 Two vulnerabilities have been found in Solr, a search server based on Lucene, which could result in the execution of arbitrary code or path traversal. oval:org.secpod.oval:def:1901408 Remote code execution occurs in Apache Solr before 7.1 with Apache Lucene before 7.1 by exploiting XXE in conjunction with use of a Config API add-listener command to reach the RunExecutableListener class. Elasticsearch, although it uses Lucene, is NOT vulnerable to this. Note that the XML external ... oval:org.secpod.oval:def:113385 Apache Lucene is a high-performance, full-featured text search engine library written entirely in Java. It is a technology suitable for nearly any application that requires full-text search, especially cross-platform. oval:org.secpod.oval:def:113584 Apache Lucene is a high-performance, full-featured text search engine library written entirely in Java. It is a technology suitable for nearly any application that requires full-text search, especially cross-platform. oval:org.secpod.oval:def:603291 Two vulnerabilities have been found in Solr, a search server based on Lucene, which could result in the execution of arbitrary code or path traversal. oval:org.secpod.oval:def:50605 Remote code execution occurs in Apache Solr before 7.1 with Apache Lucene before 7.1 by exploiting XXE in conjunction with use of a Config API add-listener command to reach the RunExecutableListener class. oval:org.secpod.oval:def:705359 lucene-solr: Full-text search engine library for Java - additional libraries Apache Solr could be made to run programs if it received specially crafted network traffic. |