oss-sec mailing list archives
CVE Request: Apache Solr XXE
From: David Jorm <djorm () redhat com>
Date: Thu, 28 Nov 2013 23:55:17 -0500 (EST)
Hi All Apache Solr 4.3.1, 4.4, 5.0 resolves multiple XXE flaws, as described in the following bugs: https://issues.apache.org/jira/browse/SOLR-3895 https://issues.apache.org/jira/browse/SOLR-4881 I have confirmed that these issues can also be exploited on Apache Solr 3.6.2. Please assign a CVE ID for these XXE flaws (I think a single CVE ID is most appropriate). Thanks -- David Jorm / Red Hat Security Response Team
Current thread:
- CVE Request: Apache Solr XXE David Jorm (Nov 28)
- Re: CVE Request: Apache Solr XXE Kurt Seifried (Nov 28)