2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

eclipse-sig November 2017

eclipse-sig@lists.fedoraproject.org

1 participants
52 discussions

Start a nNew thread

[Bug 1501529] CVE-2017-12629 Solr: Code execution via entity expansion

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=1501529 Eric Christensen <sparks(a)redhat.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|impact=critical,public=2017 |impact=critical,public=2017 |1012,reported=20171012,sour |1012,reported=20171011,sour |ce=internet,cvss2=10/AV:N/A |ce=internet,cvss2=10/AV:N/A |C:L/Au:N/C:C/I:C/A:C,cvss3= |C:L/Au:N/C:C/I:C/A:C,cvss3= |9.8/CVSS:3.0/AV:N/AC:L/PR:N |9.8/CVSS:3.0/AV:N/AC:L/PR:N |/UI:N/S:U/C:H/I:H/A:H,eap-6 |/UI:N/S:U/C:H/I:H/A:H,eap-6 |/solr=notaffected,eap-7/luc |/solr=notaffected,eap-7/luc |ene=affected/impact=moderat |ene=affected/impact=moderat |e,jpp-6/solr=notaffected/im |e,jpp-6/solr=notaffected/im |pact=moderate,rhsso-7/lucen |pact=moderate,rhsso-7/lucen |e=notaffected/impact=modera |e=notaffected/impact=modera |te,jdg-7/lucene=affected/im |te,jdg-7/lucene=affected/im |pact=moderate,fuse-6/Camel= |pact=moderate,fuse-6/Camel= |notaffected,brms-6/lucene=n |notaffected,brms-6/lucene=n |otaffected,bpms-6/lucene=no |otaffected,bpms-6/lucene=no |taffected,rhev-m-4/lucene=n |taffected,rhev-m-4/lucene=n |otaffected/impact=moderate, |otaffected/impact=moderate, |rhel-5/lucene=notaffected,r |rhel-5/lucene=notaffected,r |hel-6/lucene=wontfix/impact |hel-6/lucene=wontfix/impact |=moderate,rhscl-3/rh-java-c |=moderate,rhscl-3/rh-java-c |ommon-lucene=affected/impac |ommon-lucene=affected/impac |t=moderate,rhscl-3/rh-java- |t=moderate,rhscl-3/rh-java- |common-lucene5=affected/imp |common-lucene5=affected/imp |act=moderate,fedora-all/luc |act=moderate,fedora-all/luc |ene=affected,fedora-all/luc |ene=affected,fedora-all/luc |ene4=affected,fedora-all/lu |ene4=affected,fedora-all/lu |cene3=affected,fedora-all/s |cene3=affected,fedora-all/s |olr3=affected,eap-6/lucene= |olr3=affected,eap-6/lucene= |notaffected |notaffected --- Doc Text *updated* --- It was found that Apache Solr would accept an object from an unauthenticated user that could be manipulated through subsequent post requests. An attacker could use this flaw to assemble an object that could permit execution of arbitrary code on the server. -- You are receiving this mail because: You are on the CC list for the bug.

6 years, 5 months

1
0
0 / 0

[Bug 1501529] CVE-2017-12629 Solr: Code execution via entity expansion

by bugzilla＠redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=1501529 Bug 1501529 depends on bug 1501838, which changed state. Bug 1501838 Summary: CVE-2017-12629 lucene: Solr: Code execution via entity expansion [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1501838 What |Removed |Added ---------------------------------------------------------------------------- Status|ON_QA |CLOSED Resolution|--- |ERRATA -- You are receiving this mail because: You are on the CC list for the bug.

6 years, 6 months

1
0
0 / 0

← Newer
1
2
3
4
5
6
Older →