Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.apache.solr/solr-core@6.4.1
Typemaven
Namespaceorg.apache.solr
Namesolr-core
Version6.4.1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version9.10.1
Latest_non_vulnerable_version9.10.1
Affected_by_vulnerabilities
0
url VCID-3gq7-8e2z-yqcv
vulnerability_id VCID-3gq7-8e2z-yqcv
summary 
Apache Solr: Unauthorized bypass of certain "predefined permission" rules in the RuleBasedAuthorizationPlugin
Deployments of Apache Solr 5.3.0 through 9.10.0 that rely on Solr's "Rule Based Authorization Plugin" are vulnerable to allowing unauthorized access to certain Solr APIs, due to insufficiently strict input validation in those components.  Only deployments that meet all of the following criteria are impacted by this vulnerability:

  *  Use of Solr's "RuleBasedAuthorizationPlugin"
  *  A RuleBasedAuthorizationPlugin config (see security.json) that specifies multiple "roles"
  *  A RuleBasedAuthorizationPlugin permission list (see security.json) that uses one or more of the following pre-defined permission rules: "config-read", "config-edit", "schema-read", "metrics-read", or "security-read".
  *  A RuleBasedAuthorizationPlugin permission list that doesn't define the "all" pre-defined permission
  *  A networking setup that allows clients to make unfiltered network requests to Solr. (i.e. user-submitted HTTP/HTTPS requests reach Solr as-is, unmodified or restricted by any intervening proxy or gateway)

Users can mitigate this vulnerability by ensuring that their RuleBasedAuthorizationPlugin configuration specifies the "all" pre-defined permission and associates the permission with an "admin" or other privileged role.  Users can also upgrade to a Solr version outside of the impacted range, such as the recently released Solr 9.10.1.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22022.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22022.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-22022
reference_id
reference_type
scores
0
value 0.00186
scoring_system epss
scoring_elements 0.40416
published_at 2026-04-16T12:55:00Z
1
value 0.00186
scoring_system epss
scoring_elements 0.40393
published_at 2026-04-02T12:55:00Z
2
value 0.00186
scoring_system epss
scoring_elements 0.40419
published_at 2026-04-04T12:55:00Z
3
value 0.00186
scoring_system epss
scoring_elements 0.40343
published_at 2026-04-07T12:55:00Z
4
value 0.00186
scoring_system epss
scoring_elements 0.40394
published_at 2026-04-08T12:55:00Z
5
value 0.00186
scoring_system epss
scoring_elements 0.40406
published_at 2026-04-09T12:55:00Z
6
value 0.00186
scoring_system epss
scoring_elements 0.40426
published_at 2026-04-11T12:55:00Z
7
value 0.00186
scoring_system epss
scoring_elements 0.40388
published_at 2026-04-12T12:55:00Z
8
value 0.00186
scoring_system epss
scoring_elements 0.40369
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-22022
2
reference_url https://github.com/apache/solr
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/solr
3
reference_url https://github.com/apache/solr/commit/c135e6335c7158fa26e96b0dc386f825255b47c0
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/solr/commit/c135e6335c7158fa26e96b0dc386f825255b47c0
4
reference_url https://issues.apache.org/jira/browse/SOLR-18054
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/jira/browse/SOLR-18054
5
reference_url https://lists.apache.org/thread/d59hqbgo7p62myq7mgfpz7or8n1j7wbn
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:34:12Z/
url https://lists.apache.org/thread/d59hqbgo7p62myq7mgfpz7or8n1j7wbn
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-22022
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-22022
7
reference_url http://www.openwall.com/lists/oss-security/2026/01/20/4
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2026/01/20/4
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2431603
reference_id 2431603
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2431603
9
reference_url https://github.com/advisories/GHSA-qr3p-2xj2-q7hq
reference_id GHSA-qr3p-2xj2-q7hq
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qr3p-2xj2-q7hq
fixed_packages
0
url pkg:maven/org.apache.solr/solr-core@9.10.1
purl pkg:maven/org.apache.solr/solr-core@9.10.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@9.10.1
aliases CVE-2026-22022, GHSA-qr3p-2xj2-q7hq
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3gq7-8e2z-yqcv
1
url VCID-3vmh-e7x6-3kf6
vulnerability_id VCID-3vmh-e7x6-3kf6
summary 
Incorrect Authorization in Apache Solr
When using ConfigurableInternodeAuthHadoopPlugin for authentication, Apache Solr versions prior to 8.8.2 would forward/proxy distributed requests using server credentials instead of original client credentials. This would result in incorrect authorization resolution on the receiving hosts.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29943.json
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29943.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-29943
reference_id
reference_type
scores
0
value 0.07673
scoring_system epss
scoring_elements 0.91922
published_at 2026-04-16T12:55:00Z
1
value 0.07673
scoring_system epss
scoring_elements 0.91878
published_at 2026-04-04T12:55:00Z
2
value 0.07673
scoring_system epss
scoring_elements 0.91898
published_at 2026-04-08T12:55:00Z
3
value 0.07673
scoring_system epss
scoring_elements 0.91871
published_at 2026-04-02T12:55:00Z
4
value 0.07673
scoring_system epss
scoring_elements 0.91885
published_at 2026-04-07T12:55:00Z
5
value 0.07673
scoring_system epss
scoring_elements 0.91907
published_at 2026-04-12T12:55:00Z
6
value 0.07673
scoring_system epss
scoring_elements 0.91903
published_at 2026-04-13T12:55:00Z
7
value 0.07673
scoring_system epss
scoring_elements 0.91863
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-29943
2
reference_url https://lists.apache.org/thread.html/r91dd0ff556e0c9aab4c92852e0e540c59d4633718ce12881558cf44d%40%3Cusers.solr.apache.org%3E
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r91dd0ff556e0c9aab4c92852e0e540c59d4633718ce12881558cf44d%40%3Cusers.solr.apache.org%3E
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-29943
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-29943
4
reference_url https://security.netapp.com/advisory/ntap-20210604-0009
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20210604-0009
5
reference_url https://security.netapp.com/advisory/ntap-20210604-0009/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20210604-0009/
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1949521
reference_id 1949521
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1949521
7
reference_url https://security.archlinux.org/AVG-1808
reference_id AVG-1808
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1808
8
reference_url https://github.com/advisories/GHSA-vf7p-j8x6-xvwp
reference_id GHSA-vf7p-j8x6-xvwp
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vf7p-j8x6-xvwp
fixed_packages
0
url pkg:maven/org.apache.solr/solr-core@8.8.2
purl pkg:maven/org.apache.solr/solr-core@8.8.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3gq7-8e2z-yqcv
1
vulnerability VCID-418m-x1un-gufd
2
vulnerability VCID-5781-s1ny-q7ey
3
vulnerability VCID-a4yf-9j54-e3cp
4
vulnerability VCID-hpys-9ncu-3bgv
5
vulnerability VCID-jc41-ky5q-tkhv
6
vulnerability VCID-t4p6-84y8-kbbu
7
vulnerability VCID-uaxq-nmwp-5uct
8
vulnerability VCID-v5ka-6bd4-33ft
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@8.8.2
aliases CVE-2021-29943, GHSA-vf7p-j8x6-xvwp
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3vmh-e7x6-3kf6
2
url VCID-4dgs-1mk2-5ubr
vulnerability_id VCID-4dgs-1mk2-5ubr
summary 
Improper Input Validation
Reported in SOLR-14515 (private) and fixed in SOLR-14561 (public), released in Solr version 8.6.0. The Replication handler allows commands backup, restore and deleteBackup. Each of these take a location parameter, which was not validated, i.e you could read/write to any location the solr user can access.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13941.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13941.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-13941
reference_id
reference_type
scores
0
value 0.02798
scoring_system epss
scoring_elements 0.86124
published_at 2026-04-16T12:55:00Z
1
value 0.02798
scoring_system epss
scoring_elements 0.86043
published_at 2026-04-01T12:55:00Z
2
value 0.02798
scoring_system epss
scoring_elements 0.86054
published_at 2026-04-02T12:55:00Z
3
value 0.02798
scoring_system epss
scoring_elements 0.8607
published_at 2026-04-07T12:55:00Z
4
value 0.02798
scoring_system epss
scoring_elements 0.86089
published_at 2026-04-08T12:55:00Z
5
value 0.02798
scoring_system epss
scoring_elements 0.861
published_at 2026-04-09T12:55:00Z
6
value 0.02798
scoring_system epss
scoring_elements 0.86114
published_at 2026-04-11T12:55:00Z
7
value 0.02798
scoring_system epss
scoring_elements 0.86112
published_at 2026-04-12T12:55:00Z
8
value 0.02798
scoring_system epss
scoring_elements 0.86107
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-13941
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13941
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13941
3
reference_url https://lists.apache.org/thread.html/r1d4a247329a8478073163567bbc8c8cb6b49c6bfc2bf58153a857af1@%3Ccommits.druid.apache.org%3E
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r1d4a247329a8478073163567bbc8c8cb6b49c6bfc2bf58153a857af1@%3Ccommits.druid.apache.org%3E
4
reference_url https://lists.apache.org/thread.html/rbcd9dff009ed19ffcc2b09784595fc1098fc802a5472f81795f893be@%3Ccommits.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rbcd9dff009ed19ffcc2b09784595fc1098fc802a5472f81795f893be@%3Ccommits.lucene.apache.org%3E
5
reference_url https://lists.apache.org/thread.html/rc400db37710ee79378b6c52de3640493ff538c2beb41cefdbbdf2ab8@%3Ccommits.submarine.apache.org%3E
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rc400db37710ee79378b6c52de3640493ff538c2beb41cefdbbdf2ab8@%3Ccommits.submarine.apache.org%3E
6
reference_url https://lists.apache.org/thread.html/rf54e7912b7d2b72c63ec54a7afa4adcbf16268dcc63253767dd67d60%40%3Cgeneral.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rf54e7912b7d2b72c63ec54a7afa4adcbf16268dcc63253767dd67d60%40%3Cgeneral.lucene.apache.org%3E
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1869167
reference_id 1869167
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1869167
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-13941
reference_id CVE-2020-13941
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-13941
9
reference_url https://github.com/advisories/GHSA-2467-h365-j7hm
reference_id GHSA-2467-h365-j7hm
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-2467-h365-j7hm
fixed_packages
0
url pkg:maven/org.apache.solr/solr-core@8.6.0
purl pkg:maven/org.apache.solr/solr-core@8.6.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1xbr-pekw-ukcn
1
vulnerability VCID-3gq7-8e2z-yqcv
2
vulnerability VCID-3vmh-e7x6-3kf6
3
vulnerability VCID-418m-x1un-gufd
4
vulnerability VCID-5781-s1ny-q7ey
5
vulnerability VCID-835p-mav1-1qem
6
vulnerability VCID-a4yf-9j54-e3cp
7
vulnerability VCID-ftx3-494m-hbee
8
vulnerability VCID-hpys-9ncu-3bgv
9
vulnerability VCID-jc41-ky5q-tkhv
10
vulnerability VCID-t4p6-84y8-kbbu
11
vulnerability VCID-uaxq-nmwp-5uct
12
vulnerability VCID-v5ka-6bd4-33ft
13
vulnerability VCID-zrn1-s7ht-pbdt
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@8.6.0
aliases CVE-2020-13941, GHSA-2467-h365-j7hm
risk_score 4.0
exploitability 0.5
weighted_severity 7.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4dgs-1mk2-5ubr
3
url VCID-5781-s1ny-q7ey
vulnerability_id VCID-5781-s1ny-q7ey
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-44487.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-44487.json
1
reference_url https://akka.io/security/akka-http-cve-2023-44487.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://akka.io/security/akka-http-cve-2023-44487.html
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-44487
reference_id
reference_type
scores
0
value 0.94385
scoring_system epss
scoring_elements 0.9997
published_at 2026-04-04T12:55:00Z
1
value 0.94385
scoring_system epss
scoring_elements 0.99971
published_at 2026-04-13T12:55:00Z
2
value 0.94395
scoring_system epss
scoring_elements 0.99974
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-44487
3
reference_url https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size
4
reference_url https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/
5
reference_url https://aws.amazon.com/security/security-bulletins/AWS-2023-011
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://aws.amazon.com/security/security-bulletins/AWS-2023-011
6
reference_url https://aws.amazon.com/security/security-bulletins/AWS-2023-011/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://aws.amazon.com/security/security-bulletins/AWS-2023-011/
7
reference_url https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack
8
reference_url https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/
9
reference_url https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack
10
reference_url https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/
11
reference_url https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty
12
reference_url https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/
13
reference_url https://bugzilla.proxmox.com/show_bug.cgi?id=4988
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://bugzilla.proxmox.com/show_bug.cgi?id=4988
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2242803
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2242803
15
reference_url https://bugzilla.suse.com/show_bug.cgi?id=1216123
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://bugzilla.suse.com/show_bug.cgi?id=1216123
16
reference_url https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9
17
reference_url https://chaos.social/@icing/111210915918780532
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://chaos.social/@icing/111210915918780532
18
reference_url https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps
19
reference_url https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/
20
reference_url https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack
21
reference_url https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125
22
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47185
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-47185
23
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33934
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33934
24
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34462
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34462
25
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36478
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36478
26
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41752
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41752
27
reference_url https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://discuss.hashicorp.com/t/hcsec-2023-32-vault-consul-and-boundary-affected-by-http-2-rapid-reset-denial-of-service-vulnerability-cve-2023-44487/59715
28
reference_url https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve
29
reference_url https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764
30
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
31
reference_url https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088
32
reference_url https://github.com/akka/akka-http/issues/4323
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/akka/akka-http/issues/4323
33
reference_url https://github.com/akka/akka-http/pull/4324
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/akka/akka-http/pull/4324
34
reference_url https://github.com/akka/akka-http/pull/4325
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/akka/akka-http/pull/4325
35
reference_url https://github.com/alibaba/tengine/issues/1872
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/alibaba/tengine/issues/1872
36
reference_url https://github.com/apache/apisix/issues/10320
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/apache/apisix/issues/10320
37
reference_url https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113
38
reference_url https://github.com/apache/httpd-site/pull/10
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/apache/httpd-site/pull/10
39
reference_url https://github.com/apache/tomcat/commit/6d1a9fd6642387969e4410b9989c85856b74917a
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/6d1a9fd6642387969e4410b9989c85856b74917a
40
reference_url https://github.com/apache/tomcat/commit/76bb4bfbfeae827dce896f650655bbf6e251ed49
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/76bb4bfbfeae827dce896f650655bbf6e251ed49
41
reference_url https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/tomcat/commit/944332bb15bd2f3bf76ec2caeb1ff0a58a3bc628
42
reference_url https://github.com/apache/tomcat/commit/9cdfe25bad707f34b3e5da2994f3f1952a163c3e
reference_id
reference_type
scores
url https://github.com/apache/tomcat/commit/9cdfe25bad707f34b3e5da2994f3f1952a163c3e
43
reference_url https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2
44
reference_url https://github.com/apache/trafficserver/pull/10564
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/apache/trafficserver/pull/10564
45
reference_url https://github.com/apple/swift-nio-http2
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apple/swift-nio-http2
46
reference_url https://github.com/Azure/AKS/issues/3947
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/Azure/AKS/issues/3947
47
reference_url https://github.com/caddyserver/caddy/issues/5877
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/caddyserver/caddy/issues/5877
48
reference_url https://github.com/caddyserver/caddy/releases/tag/v2.7.5
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/caddyserver/caddy/releases/tag/v2.7.5
49
reference_url https://github.com/dotnet/announcements/issues/277
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/dotnet/announcements/issues/277
50
reference_url https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73
51
reference_url https://github.com/eclipse/jetty.project/issues/10679
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/eclipse/jetty.project/issues/10679
52
reference_url https://github.com/envoyproxy/envoy/pull/30055
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/envoyproxy/envoy/pull/30055
53
reference_url https://github.com/etcd-io/etcd/issues/16740
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/etcd-io/etcd/issues/16740
54
reference_url https://github.com/facebook/proxygen/pull/466
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/facebook/proxygen/pull/466
55
reference_url https://github.com/golang/go/issues/63417
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/golang/go/issues/63417
56
reference_url https://github.com/grpc/grpc-go/pull/6703
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/grpc/grpc-go/pull/6703
57
reference_url https://github.com/grpc/grpc-go/releases
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/grpc/grpc-go/releases
58
reference_url https://github.com/grpc/grpc/releases/tag/v1.59.2
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/grpc/grpc/releases/tag/v1.59.2
59
reference_url https://github.com/h2o/h2o/pull/3291
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/h2o/h2o/pull/3291
60
reference_url https://github.com/haproxy/haproxy/issues/2312
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/haproxy/haproxy/issues/2312
61
reference_url https://github.com/hyperium/hyper/issues/3337
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/hyperium/hyper/issues/3337
62
reference_url https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244
63
reference_url https://github.com/junkurihara/rust-rpxy/issues/97
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/junkurihara/rust-rpxy/issues/97
64
reference_url https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1
65
reference_url https://github.com/kazu-yamamoto/http2/issues/93
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/kazu-yamamoto/http2/issues/93
66
reference_url https://github.com/Kong/kong/discussions/11741
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/Kong/kong/discussions/11741
67
reference_url https://github.com/kubernetes/kubernetes/pull/121120
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/kubernetes/kubernetes/pull/121120
68
reference_url https://github.com/line/armeria/pull/5232
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/line/armeria/pull/5232
69
reference_url https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632
70
reference_url https://github.com/micrictor/http2-rst-stream
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/micrictor/http2-rst-stream
71
reference_url https://github.com/microsoft/CBL-Mariner/pull/6381
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/microsoft/CBL-Mariner/pull/6381
72
reference_url https://github.com/netty/netty
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/netty/netty
73
reference_url https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value MODERATE
scoring_system generic_textual
scoring_elements
5
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61
74
reference_url https://github.com/nghttp2/nghttp2
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/nghttp2/nghttp2
75
reference_url https://github.com/nghttp2/nghttp2/commit/72b4af6143681f528f1d237b21a9a7aee1738832
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/nghttp2/nghttp2/commit/72b4af6143681f528f1d237b21a9a7aee1738832
76
reference_url https://github.com/nghttp2/nghttp2/pull/1961
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/nghttp2/nghttp2/pull/1961
77
reference_url https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value MODERATE
scoring_system generic_textual
scoring_elements
5
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0
78
reference_url https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/nghttp2/nghttp2/security/advisories/GHSA-vx74-f528-fxqg
79
reference_url https://github.com/ninenines/cowboy/issues/1615
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/ninenines/cowboy/issues/1615
80
reference_url https://github.com/nodejs/node/pull/50121
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/nodejs/node/pull/50121
81
reference_url https://github.com/openresty/openresty/issues/930
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/openresty/openresty/issues/930
82
reference_url https://github.com/opensearch-project/data-prepper/issues/3474
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/opensearch-project/data-prepper/issues/3474
83
reference_url https://github.com/oqtane/oqtane.framework/discussions/3367
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/oqtane/oqtane.framework/discussions/3367
84
reference_url https://github.com/projectcontour/contour/pull/5826
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/projectcontour/contour/pull/5826
85
reference_url https://github.com/tempesta-tech/tempesta/issues/1986
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/tempesta-tech/tempesta/issues/1986
86
reference_url https://github.com/varnishcache/varnish-cache/issues/3996
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/varnishcache/varnish-cache/issues/3996
87
reference_url https://go.dev/cl/534215
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://go.dev/cl/534215
88
reference_url https://go.dev/cl/534235
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://go.dev/cl/534235
89
reference_url https://go.dev/issue/63417
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://go.dev/issue/63417
90
reference_url https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo
91
reference_url https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ
92
reference_url https://istio.io/latest/news/security/istio-security-2023-004
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://istio.io/latest/news/security/istio-security-2023-004
93
reference_url https://istio.io/latest/news/security/istio-security-2023-004/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://istio.io/latest/news/security/istio-security-2023-004/
94
reference_url https://linkerd.io/2023/10/12/linkerd-cve-2023-44487
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://linkerd.io/2023/10/12/linkerd-cve-2023-44487
95
reference_url https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/
96
reference_url https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q
97
reference_url https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html
98
reference_url https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://lists.debian.org/debian-lts-announce/2023/10/msg00023.html
99
reference_url https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://lists.debian.org/debian-lts-announce/2023/10/msg00024.html
100
reference_url https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://lists.debian.org/debian-lts-announce/2023/10/msg00045.html
101
reference_url https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://lists.debian.org/debian-lts-announce/2023/10/msg00047.html
102
reference_url https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://lists.debian.org/debian-lts-announce/2023/11/msg00001.html
103
reference_url https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://lists.debian.org/debian-lts-announce/2023/11/msg00012.html
104
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI
105
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/
106
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A
107
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/
108
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ
109
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/
110
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2
111
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/
112
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5
113
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/
114
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU
115
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/
116
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ
117
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/
118
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ
119
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/
120
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY
121
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/
122
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE
123
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/
124
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG
125
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/
126
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL
127
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/
128
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU
129
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/
130
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK
131
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/
132
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX
133
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/
134
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH
135
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/
136
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y
137
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/
138
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2
139
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/
140
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT
141
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/
142
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3
143
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/
144
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4
145
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/
146
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI
147
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A
148
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ
149
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2
150
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5
151
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU
152
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ
153
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ
154
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIZSEFC3YKCGABA2BZW6ZJRMDZJMB7PJ/
155
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY
156
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/
157
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE
158
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG
159
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL
160
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU
161
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK
162
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX
163
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH
164
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y
165
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2
166
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT
167
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3
168
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZKQSIKIAT5TJ3WSLU3RDBQ35YX4GY4V3/
169
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4
170
reference_url https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html
171
reference_url https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html
172
reference_url https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html
173
reference_url https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2
174
reference_url https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/
175
reference_url https://my.f5.com/manage/s/article/K000137106
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://my.f5.com/manage/s/article/K000137106
176
reference_url https://netty.io/news/2023/10/10/4-1-100-Final.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://netty.io/news/2023/10/10/4-1-100-Final.html
177
reference_url https://news.ycombinator.com/item?id=37830987
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://news.ycombinator.com/item?id=37830987
178
reference_url https://news.ycombinator.com/item?id=37830998
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://news.ycombinator.com/item?id=37830998
179
reference_url https://news.ycombinator.com/item?id=37831062
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://news.ycombinator.com/item?id=37831062
180
reference_url https://news.ycombinator.com/item?id=37837043
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://news.ycombinator.com/item?id=37837043
181
reference_url https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response
182
reference_url https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/
183
reference_url https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected
184
reference_url https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http2-reset-d8Kf32vZ
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http2-reset-d8Kf32vZ
185
reference_url https://security.gentoo.org/glsa/202311-09
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://security.gentoo.org/glsa/202311-09
186
reference_url https://security.netapp.com/advisory/ntap-20231016-0001
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20231016-0001
187
reference_url https://security.netapp.com/advisory/ntap-20231016-0001/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://security.netapp.com/advisory/ntap-20231016-0001/
188
reference_url https://security.netapp.com/advisory/ntap-20240426-0007
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240426-0007
189
reference_url https://security.netapp.com/advisory/ntap-20240621-0006
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240621-0006
190
reference_url https://security.netapp.com/advisory/ntap-20240621-0007
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240621-0007
191
reference_url https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14
192
reference_url https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.0-M12
193
reference_url https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.94
194
reference_url https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.81
195
reference_url https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records
196
reference_url https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/
197
reference_url https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-44487
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-44487
198
reference_url https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487
199
reference_url https://www.cve.org/CVERecord?id=CVE-2023-44487
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.cve.org/CVERecord?id=CVE-2023-44487
200
reference_url https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event
201
reference_url https://www.debian.org/security/2023/dsa-5521
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://www.debian.org/security/2023/dsa-5521
202
reference_url https://www.debian.org/security/2023/dsa-5522
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://www.debian.org/security/2023/dsa-5522
203
reference_url https://www.debian.org/security/2023/dsa-5540
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://www.debian.org/security/2023/dsa-5540
204
reference_url https://www.debian.org/security/2023/dsa-5549
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://www.debian.org/security/2023/dsa-5549
205
reference_url https://www.debian.org/security/2023/dsa-5558
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://www.debian.org/security/2023/dsa-5558
206
reference_url https://www.debian.org/security/2023/dsa-5570
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://www.debian.org/security/2023/dsa-5570
207
reference_url https://www.eclipse.org/lists/jetty-announce/msg00181.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.eclipse.org/lists/jetty-announce/msg00181.html
208
reference_url https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487
209
reference_url https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487
210
reference_url https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/
211
reference_url https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products
212
reference_url https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/
213
reference_url https://www.openwall.com/lists/oss-security/2023/10/10/6
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://www.openwall.com/lists/oss-security/2023/10/10/6
214
reference_url https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack
215
reference_url https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday
216
reference_url https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/
217
reference_url https://www.vicarius.io/vsociety/posts/rapid-reset-cve-2023-44487-dos-in-http2-understanding-the-root-cause
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.vicarius.io/vsociety/posts/rapid-reset-cve-2023-44487-dos-in-http2-understanding-the-root-cause
218
reference_url http://www.openwall.com/lists/oss-security/2023/10/10/6
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url http://www.openwall.com/lists/oss-security/2023/10/10/6
219
reference_url http://www.openwall.com/lists/oss-security/2023/10/10/7
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url http://www.openwall.com/lists/oss-security/2023/10/10/7
220
reference_url http://www.openwall.com/lists/oss-security/2023/10/13/4
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url http://www.openwall.com/lists/oss-security/2023/10/13/4
221
reference_url http://www.openwall.com/lists/oss-security/2023/10/13/9
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url http://www.openwall.com/lists/oss-security/2023/10/13/9
222
reference_url http://www.openwall.com/lists/oss-security/2023/10/18/4
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url http://www.openwall.com/lists/oss-security/2023/10/18/4
223
reference_url http://www.openwall.com/lists/oss-security/2023/10/18/8
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url http://www.openwall.com/lists/oss-security/2023/10/18/8
224
reference_url http://www.openwall.com/lists/oss-security/2023/10/19/6
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url http://www.openwall.com/lists/oss-security/2023/10/19/6
225
reference_url http://www.openwall.com/lists/oss-security/2023/10/20/8
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url http://www.openwall.com/lists/oss-security/2023/10/20/8
226
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053769
reference_id 1053769
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053769
227
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053770
reference_id 1053770
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053770
228
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053801
reference_id 1053801
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053801
229
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054232
reference_id 1054232
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054232
230
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054234
reference_id 1054234
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054234
231
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1056156
reference_id 1056156
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1056156
232
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074421
reference_id 1074421
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074421
233
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/
reference_id 2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MBEPPC36UBVOZZNAXFHKLFGSLCMN5LI/
234
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/
reference_id 3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/
235
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/
reference_id BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFQD3KUEMFBHPAPBGLWQC34L4OWL5HAZ/
236
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/
reference_id CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/
237
reference_url https://access.redhat.com/security/cve/cve-2023-44487
reference_id CVE-2023-44487
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://access.redhat.com/security/cve/cve-2023-44487
238
reference_url https://blog.vespa.ai/cve-2023-44487
reference_id CVE-2023-44487
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://blog.vespa.ai/cve-2023-44487
239
reference_url https://blog.vespa.ai/cve-2023-44487/
reference_id CVE-2023-44487
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://blog.vespa.ai/cve-2023-44487/
240
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487
reference_id CVE-2023-44487
reference_type
scores
0
value Important
scoring_system apache_tomcat
scoring_elements
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487
241
reference_url https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487
reference_id CVE-2023-44487
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487
242
reference_url https://github.com/bcdannyboy/CVE-2023-44487
reference_id CVE-2023-44487
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/bcdannyboy/CVE-2023-44487
243
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/52426.py
reference_id CVE-2023-44487
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/52426.py
244
reference_url https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487
reference_id CVE-2023-44487
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487
245
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-44487
reference_id CVE-2023-44487
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-44487
246
reference_url https://security.paloaltonetworks.com/CVE-2023-44487
reference_id CVE-2023-44487
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://security.paloaltonetworks.com/CVE-2023-44487
247
reference_url https://ubuntu.com/security/CVE-2023-44487
reference_id CVE-2023-44487
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://ubuntu.com/security/CVE-2023-44487
248
reference_url https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack
reference_id CVE-2023-44487-HTTP-2-RAPID-RESET-ATTACK
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack
249
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/
reference_id E72T67UPDRXHIDLO3OROR25YAMN4GGW5
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/
250
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/
reference_id FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/
251
reference_url https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf
reference_id GHSA-2m7v-gc89-fjqf
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf
252
reference_url https://github.com/advisories/GHSA-qppj-fm5r-hxr3
reference_id GHSA-qppj-fm5r-hxr3
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
3
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
4
value MODERATE
scoring_system generic_textual
scoring_elements
5
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/advisories/GHSA-qppj-fm5r-hxr3
253
reference_url https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3
reference_id GHSA-qppj-fm5r-hxr3
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
3
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
4
value HIGH
scoring_system generic_textual
scoring_elements
5
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apple/swift-nio-http2/security/advisories/GHSA-qppj-fm5r-hxr3
254
reference_url https://github.com/advisories/GHSA-vx74-f528-fxqg
reference_id GHSA-vx74-f528-fxqg
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/advisories/GHSA-vx74-f528-fxqg
255
reference_url https://github.com/advisories/GHSA-xpw8-rcwv-8f8p
reference_id GHSA-xpw8-rcwv-8f8p
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
3
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:A
4
value MODERATE
scoring_system generic_textual
scoring_elements
5
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://github.com/advisories/GHSA-xpw8-rcwv-8f8p
256
reference_url https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p
reference_id GHSA-xpw8-rcwv-8f8p
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/netty/netty/security/advisories/GHSA-xpw8-rcwv-8f8p
257
reference_url https://security.gentoo.org/glsa/202408-10
reference_id GLSA-202408-10
reference_type
scores
url https://security.gentoo.org/glsa/202408-10
258
reference_url https://security.gentoo.org/glsa/202412-14
reference_id GLSA-202412-14
reference_type
scores
url https://security.gentoo.org/glsa/202412-14
259
reference_url https://security.gentoo.org/glsa/202505-11
reference_id GLSA-202505-11
reference_type
scores
url https://security.gentoo.org/glsa/202505-11
260
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/
reference_id HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/
261
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/
reference_id KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/
262
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/
reference_id LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/
263
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/
reference_id LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LNMZJCDHGLJJLXO4OXWJMTVQRNWOC7UL/
264
reference_url https://security.netapp.com/advisory/ntap-20240426-0007/
reference_id ntap-20240426-0007
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://security.netapp.com/advisory/ntap-20240426-0007/
265
reference_url https://security.netapp.com/advisory/ntap-20240621-0007/
reference_id ntap-20240621-0007
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://security.netapp.com/advisory/ntap-20240621-0007/
266
reference_url https://access.redhat.com/errata/RHSA-2023:5006
reference_id RHSA-2023:5006
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5006
267
reference_url https://access.redhat.com/errata/RHSA-2023:5009
reference_id RHSA-2023:5009
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5009
268
reference_url https://access.redhat.com/errata/RHSA-2023:5530
reference_id RHSA-2023:5530
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5530
269
reference_url https://access.redhat.com/errata/RHSA-2023:5541
reference_id RHSA-2023:5541
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5541
270
reference_url https://access.redhat.com/errata/RHSA-2023:5542
reference_id RHSA-2023:5542
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5542
271
reference_url https://access.redhat.com/errata/RHSA-2023:5679
reference_id RHSA-2023:5679
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5679
272
reference_url https://access.redhat.com/errata/RHSA-2023:5705
reference_id RHSA-2023:5705
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5705
273
reference_url https://access.redhat.com/errata/RHSA-2023:5706
reference_id RHSA-2023:5706
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5706
274
reference_url https://access.redhat.com/errata/RHSA-2023:5707
reference_id RHSA-2023:5707
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5707
275
reference_url https://access.redhat.com/errata/RHSA-2023:5708
reference_id RHSA-2023:5708
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5708
276
reference_url https://access.redhat.com/errata/RHSA-2023:5709
reference_id RHSA-2023:5709
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5709
277
reference_url https://access.redhat.com/errata/RHSA-2023:5710
reference_id RHSA-2023:5710
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5710
278
reference_url https://access.redhat.com/errata/RHSA-2023:5711
reference_id RHSA-2023:5711
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5711
279
reference_url https://access.redhat.com/errata/RHSA-2023:5712
reference_id RHSA-2023:5712
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5712
280
reference_url https://access.redhat.com/errata/RHSA-2023:5713
reference_id RHSA-2023:5713
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5713
281
reference_url https://access.redhat.com/errata/RHSA-2023:5714
reference_id RHSA-2023:5714
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5714
282
reference_url https://access.redhat.com/errata/RHSA-2023:5715
reference_id RHSA-2023:5715
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5715
283
reference_url https://access.redhat.com/errata/RHSA-2023:5716
reference_id RHSA-2023:5716
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5716
284
reference_url https://access.redhat.com/errata/RHSA-2023:5717
reference_id RHSA-2023:5717
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5717
285
reference_url https://access.redhat.com/errata/RHSA-2023:5719
reference_id RHSA-2023:5719
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5719
286
reference_url https://access.redhat.com/errata/RHSA-2023:5720
reference_id RHSA-2023:5720
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5720
287
reference_url https://access.redhat.com/errata/RHSA-2023:5721
reference_id RHSA-2023:5721
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5721
288
reference_url https://access.redhat.com/errata/RHSA-2023:5724
reference_id RHSA-2023:5724
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5724
289
reference_url https://access.redhat.com/errata/RHSA-2023:5738
reference_id RHSA-2023:5738
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5738
290
reference_url https://access.redhat.com/errata/RHSA-2023:5749
reference_id RHSA-2023:5749
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5749
291
reference_url https://access.redhat.com/errata/RHSA-2023:5764
reference_id RHSA-2023:5764
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5764
292
reference_url https://access.redhat.com/errata/RHSA-2023:5765
reference_id RHSA-2023:5765
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5765
293
reference_url https://access.redhat.com/errata/RHSA-2023:5766
reference_id RHSA-2023:5766
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5766
294
reference_url https://access.redhat.com/errata/RHSA-2023:5767
reference_id RHSA-2023:5767
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5767
295
reference_url https://access.redhat.com/errata/RHSA-2023:5768
reference_id RHSA-2023:5768
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5768
296
reference_url https://access.redhat.com/errata/RHSA-2023:5769
reference_id RHSA-2023:5769
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5769
297
reference_url https://access.redhat.com/errata/RHSA-2023:5770
reference_id RHSA-2023:5770
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5770
298
reference_url https://access.redhat.com/errata/RHSA-2023:5780
reference_id RHSA-2023:5780
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5780
299
reference_url https://access.redhat.com/errata/RHSA-2023:5783
reference_id RHSA-2023:5783
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5783
300
reference_url https://access.redhat.com/errata/RHSA-2023:5784
reference_id RHSA-2023:5784
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5784
301
reference_url https://access.redhat.com/errata/RHSA-2023:5801
reference_id RHSA-2023:5801
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5801
302
reference_url https://access.redhat.com/errata/RHSA-2023:5802
reference_id RHSA-2023:5802
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5802
303
reference_url https://access.redhat.com/errata/RHSA-2023:5803
reference_id RHSA-2023:5803
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5803
304
reference_url https://access.redhat.com/errata/RHSA-2023:5805
reference_id RHSA-2023:5805
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5805
305
reference_url https://access.redhat.com/errata/RHSA-2023:5835
reference_id RHSA-2023:5835
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5835
306
reference_url https://access.redhat.com/errata/RHSA-2023:5837
reference_id RHSA-2023:5837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5837
307
reference_url https://access.redhat.com/errata/RHSA-2023:5838
reference_id RHSA-2023:5838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5838
308
reference_url https://access.redhat.com/errata/RHSA-2023:5840
reference_id RHSA-2023:5840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5840
309
reference_url https://access.redhat.com/errata/RHSA-2023:5841
reference_id RHSA-2023:5841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5841
310
reference_url https://access.redhat.com/errata/RHSA-2023:5849
reference_id RHSA-2023:5849
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5849
311
reference_url https://access.redhat.com/errata/RHSA-2023:5850
reference_id RHSA-2023:5850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5850
312
reference_url https://access.redhat.com/errata/RHSA-2023:5851
reference_id RHSA-2023:5851
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5851
313
reference_url https://access.redhat.com/errata/RHSA-2023:5863
reference_id RHSA-2023:5863
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5863
314
reference_url https://access.redhat.com/errata/RHSA-2023:5864
reference_id RHSA-2023:5864
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5864
315
reference_url https://access.redhat.com/errata/RHSA-2023:5865
reference_id RHSA-2023:5865
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5865
316
reference_url https://access.redhat.com/errata/RHSA-2023:5866
reference_id RHSA-2023:5866
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5866
317
reference_url https://access.redhat.com/errata/RHSA-2023:5867
reference_id RHSA-2023:5867
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5867
318
reference_url https://access.redhat.com/errata/RHSA-2023:5869
reference_id RHSA-2023:5869
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5869
319
reference_url https://access.redhat.com/errata/RHSA-2023:5896
reference_id RHSA-2023:5896
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5896
320
reference_url https://access.redhat.com/errata/RHSA-2023:5902
reference_id RHSA-2023:5902
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5902
321
reference_url https://access.redhat.com/errata/RHSA-2023:5920
reference_id RHSA-2023:5920
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5920
322
reference_url https://access.redhat.com/errata/RHSA-2023:5922
reference_id RHSA-2023:5922
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5922
323
reference_url https://access.redhat.com/errata/RHSA-2023:5924
reference_id RHSA-2023:5924
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5924
324
reference_url https://access.redhat.com/errata/RHSA-2023:5928
reference_id RHSA-2023:5928
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5928
325
reference_url https://access.redhat.com/errata/RHSA-2023:5929
reference_id RHSA-2023:5929
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5929
326
reference_url https://access.redhat.com/errata/RHSA-2023:5930
reference_id RHSA-2023:5930
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5930
327
reference_url https://access.redhat.com/errata/RHSA-2023:5931
reference_id RHSA-2023:5931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5931
328
reference_url https://access.redhat.com/errata/RHSA-2023:5933
reference_id RHSA-2023:5933
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5933
329
reference_url https://access.redhat.com/errata/RHSA-2023:5935
reference_id RHSA-2023:5935
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5935
330
reference_url https://access.redhat.com/errata/RHSA-2023:5945
reference_id RHSA-2023:5945
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5945
331
reference_url https://access.redhat.com/errata/RHSA-2023:5946
reference_id RHSA-2023:5946
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5946
332
reference_url https://access.redhat.com/errata/RHSA-2023:5947
reference_id RHSA-2023:5947
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5947
333
reference_url https://access.redhat.com/errata/RHSA-2023:5956
reference_id RHSA-2023:5956
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5956
334
reference_url https://access.redhat.com/errata/RHSA-2023:5964
reference_id RHSA-2023:5964
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5964
335
reference_url https://access.redhat.com/errata/RHSA-2023:5965
reference_id RHSA-2023:5965
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5965
336
reference_url https://access.redhat.com/errata/RHSA-2023:5967
reference_id RHSA-2023:5967
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5967
337
reference_url https://access.redhat.com/errata/RHSA-2023:5969
reference_id RHSA-2023:5969
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5969
338
reference_url https://access.redhat.com/errata/RHSA-2023:5970
reference_id RHSA-2023:5970
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5970
339
reference_url https://access.redhat.com/errata/RHSA-2023:5971
reference_id RHSA-2023:5971
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5971
340
reference_url https://access.redhat.com/errata/RHSA-2023:5973
reference_id RHSA-2023:5973
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5973
341
reference_url https://access.redhat.com/errata/RHSA-2023:5974
reference_id RHSA-2023:5974
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5974
342
reference_url https://access.redhat.com/errata/RHSA-2023:5976
reference_id RHSA-2023:5976
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5976
343
reference_url https://access.redhat.com/errata/RHSA-2023:5978
reference_id RHSA-2023:5978
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5978
344
reference_url https://access.redhat.com/errata/RHSA-2023:5979
reference_id RHSA-2023:5979
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5979
345
reference_url https://access.redhat.com/errata/RHSA-2023:5980
reference_id RHSA-2023:5980
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5980
346
reference_url https://access.redhat.com/errata/RHSA-2023:5982
reference_id RHSA-2023:5982
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5982
347
reference_url https://access.redhat.com/errata/RHSA-2023:5989
reference_id RHSA-2023:5989
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5989
348
reference_url https://access.redhat.com/errata/RHSA-2023:6020
reference_id RHSA-2023:6020
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6020
349
reference_url https://access.redhat.com/errata/RHSA-2023:6021
reference_id RHSA-2023:6021
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6021
350
reference_url https://access.redhat.com/errata/RHSA-2023:6022
reference_id RHSA-2023:6022
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6022
351
reference_url https://access.redhat.com/errata/RHSA-2023:6023
reference_id RHSA-2023:6023
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6023
352
reference_url https://access.redhat.com/errata/RHSA-2023:6030
reference_id RHSA-2023:6030
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6030
353
reference_url https://access.redhat.com/errata/RHSA-2023:6031
reference_id RHSA-2023:6031
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6031
354
reference_url https://access.redhat.com/errata/RHSA-2023:6039
reference_id RHSA-2023:6039
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6039
355
reference_url https://access.redhat.com/errata/RHSA-2023:6040
reference_id RHSA-2023:6040
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6040
356
reference_url https://access.redhat.com/errata/RHSA-2023:6041
reference_id RHSA-2023:6041
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6041
357
reference_url https://access.redhat.com/errata/RHSA-2023:6042
reference_id RHSA-2023:6042
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6042
358
reference_url https://access.redhat.com/errata/RHSA-2023:6048
reference_id RHSA-2023:6048
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6048
359
reference_url https://access.redhat.com/errata/RHSA-2023:6057
reference_id RHSA-2023:6057
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6057
360
reference_url https://access.redhat.com/errata/RHSA-2023:6059
reference_id RHSA-2023:6059
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6059
361
reference_url https://access.redhat.com/errata/RHSA-2023:6061
reference_id RHSA-2023:6061
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6061
362
reference_url https://access.redhat.com/errata/RHSA-2023:6077
reference_id RHSA-2023:6077
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6077
363
reference_url https://access.redhat.com/errata/RHSA-2023:6079
reference_id RHSA-2023:6079
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6079
364
reference_url https://access.redhat.com/errata/RHSA-2023:6080
reference_id RHSA-2023:6080
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6080
365
reference_url https://access.redhat.com/errata/RHSA-2023:6084
reference_id RHSA-2023:6084
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6084
366
reference_url https://access.redhat.com/errata/RHSA-2023:6105
reference_id RHSA-2023:6105
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6105
367
reference_url https://access.redhat.com/errata/RHSA-2023:6106
reference_id RHSA-2023:6106
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6106
368
reference_url https://access.redhat.com/errata/RHSA-2023:6114
reference_id RHSA-2023:6114
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6114
369
reference_url https://access.redhat.com/errata/RHSA-2023:6115
reference_id RHSA-2023:6115
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6115
370
reference_url https://access.redhat.com/errata/RHSA-2023:6117
reference_id RHSA-2023:6117
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6117
371
reference_url https://access.redhat.com/errata/RHSA-2023:6118
reference_id RHSA-2023:6118
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6118
372
reference_url https://access.redhat.com/errata/RHSA-2023:6120
reference_id RHSA-2023:6120
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6120
373
reference_url https://access.redhat.com/errata/RHSA-2023:6129
reference_id RHSA-2023:6129
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6129
374
reference_url https://access.redhat.com/errata/RHSA-2023:6137
reference_id RHSA-2023:6137
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6137
375
reference_url https://access.redhat.com/errata/RHSA-2023:6144
reference_id RHSA-2023:6144
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6144
376
reference_url https://access.redhat.com/errata/RHSA-2023:6154
reference_id RHSA-2023:6154
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6154
377
reference_url https://access.redhat.com/errata/RHSA-2023:6161
reference_id RHSA-2023:6161
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6161
378
reference_url https://access.redhat.com/errata/RHSA-2023:6165
reference_id RHSA-2023:6165
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6165
379
reference_url https://access.redhat.com/errata/RHSA-2023:6179
reference_id RHSA-2023:6179
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6179
380
reference_url https://access.redhat.com/errata/RHSA-2023:6217
reference_id RHSA-2023:6217
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6217
381
reference_url https://access.redhat.com/errata/RHSA-2023:6233
reference_id RHSA-2023:6233
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6233
382
reference_url https://access.redhat.com/errata/RHSA-2023:6235
reference_id RHSA-2023:6235
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6235
383
reference_url https://access.redhat.com/errata/RHSA-2023:6239
reference_id RHSA-2023:6239
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6239
384
reference_url https://access.redhat.com/errata/RHSA-2023:6248
reference_id RHSA-2023:6248
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6248
385
reference_url https://access.redhat.com/errata/RHSA-2023:6251
reference_id RHSA-2023:6251
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6251
386
reference_url https://access.redhat.com/errata/RHSA-2023:6269
reference_id RHSA-2023:6269
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6269
387
reference_url https://access.redhat.com/errata/RHSA-2023:6272
reference_id RHSA-2023:6272
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6272
388
reference_url https://access.redhat.com/errata/RHSA-2023:6280
reference_id RHSA-2023:6280
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6280
389
reference_url https://access.redhat.com/errata/RHSA-2023:6286
reference_id RHSA-2023:6286
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6286
390
reference_url https://access.redhat.com/errata/RHSA-2023:6296
reference_id RHSA-2023:6296
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6296
391
reference_url https://access.redhat.com/errata/RHSA-2023:6298
reference_id RHSA-2023:6298
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6298
392
reference_url https://access.redhat.com/errata/RHSA-2023:6305
reference_id RHSA-2023:6305
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6305
393
reference_url https://access.redhat.com/errata/RHSA-2023:6746
reference_id RHSA-2023:6746
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6746
394
reference_url https://access.redhat.com/errata/RHSA-2023:6779
reference_id RHSA-2023:6779
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6779
395
reference_url https://access.redhat.com/errata/RHSA-2023:6781
reference_id RHSA-2023:6781
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6781
396
reference_url https://access.redhat.com/errata/RHSA-2023:6782
reference_id RHSA-2023:6782
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6782
397
reference_url https://access.redhat.com/errata/RHSA-2023:6783
reference_id RHSA-2023:6783
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6783
398
reference_url https://access.redhat.com/errata/RHSA-2023:6784
reference_id RHSA-2023:6784
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6784
399
reference_url https://access.redhat.com/errata/RHSA-2023:6785
reference_id RHSA-2023:6785
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6785
400
reference_url https://access.redhat.com/errata/RHSA-2023:6786
reference_id RHSA-2023:6786
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6786
401
reference_url https://access.redhat.com/errata/RHSA-2023:6787
reference_id RHSA-2023:6787
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6787
402
reference_url https://access.redhat.com/errata/RHSA-2023:6788
reference_id RHSA-2023:6788
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6788
403
reference_url https://access.redhat.com/errata/RHSA-2023:6817
reference_id RHSA-2023:6817
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6817
404
reference_url https://access.redhat.com/errata/RHSA-2023:6818
reference_id RHSA-2023:6818
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6818
405
reference_url https://access.redhat.com/errata/RHSA-2023:6832
reference_id RHSA-2023:6832
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6832
406
reference_url https://access.redhat.com/errata/RHSA-2023:6836
reference_id RHSA-2023:6836
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6836
407
reference_url https://access.redhat.com/errata/RHSA-2023:6837
reference_id RHSA-2023:6837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6837
408
reference_url https://access.redhat.com/errata/RHSA-2023:6839
reference_id RHSA-2023:6839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6839
409
reference_url https://access.redhat.com/errata/RHSA-2023:6840
reference_id RHSA-2023:6840
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6840
410
reference_url https://access.redhat.com/errata/RHSA-2023:7198
reference_id RHSA-2023:7198
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7198
411
reference_url https://access.redhat.com/errata/RHSA-2023:7205
reference_id RHSA-2023:7205
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7205
412
reference_url https://access.redhat.com/errata/RHSA-2023:7215
reference_id RHSA-2023:7215
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7215
413
reference_url https://access.redhat.com/errata/RHSA-2023:7218
reference_id RHSA-2023:7218
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7218
414
reference_url https://access.redhat.com/errata/RHSA-2023:7288
reference_id RHSA-2023:7288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7288
415
reference_url https://access.redhat.com/errata/RHSA-2023:7315
reference_id RHSA-2023:7315
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7315
416
reference_url https://access.redhat.com/errata/RHSA-2023:7325
reference_id RHSA-2023:7325
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7325
417
reference_url https://access.redhat.com/errata/RHSA-2023:7334
reference_id RHSA-2023:7334
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7334
418
reference_url https://access.redhat.com/errata/RHSA-2023:7335
reference_id RHSA-2023:7335
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7335
419
reference_url https://access.redhat.com/errata/RHSA-2023:7344
reference_id RHSA-2023:7344
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7344
420
reference_url https://access.redhat.com/errata/RHSA-2023:7345
reference_id RHSA-2023:7345
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7345
421
reference_url https://access.redhat.com/errata/RHSA-2023:7481
reference_id RHSA-2023:7481
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7481
422
reference_url https://access.redhat.com/errata/RHSA-2023:7482
reference_id RHSA-2023:7482
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7482
423
reference_url https://access.redhat.com/errata/RHSA-2023:7483
reference_id RHSA-2023:7483
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7483
424
reference_url https://access.redhat.com/errata/RHSA-2023:7484
reference_id RHSA-2023:7484
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7484
425
reference_url https://access.redhat.com/errata/RHSA-2023:7486
reference_id RHSA-2023:7486
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7486
426
reference_url https://access.redhat.com/errata/RHSA-2023:7488
reference_id RHSA-2023:7488
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7488
427
reference_url https://access.redhat.com/errata/RHSA-2023:7521
reference_id RHSA-2023:7521
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7521
428
reference_url https://access.redhat.com/errata/RHSA-2023:7522
reference_id RHSA-2023:7522
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7522
429
reference_url https://access.redhat.com/errata/RHSA-2023:7555
reference_id RHSA-2023:7555
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7555
430
reference_url https://access.redhat.com/errata/RHSA-2023:7587
reference_id RHSA-2023:7587
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7587
431
reference_url https://access.redhat.com/errata/RHSA-2023:7610
reference_id RHSA-2023:7610
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7610
432
reference_url https://access.redhat.com/errata/RHSA-2023:7682
reference_id RHSA-2023:7682
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7682
433
reference_url https://access.redhat.com/errata/RHSA-2023:7687
reference_id RHSA-2023:7687
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7687
434
reference_url https://access.redhat.com/errata/RHSA-2023:7699
reference_id RHSA-2023:7699
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7699
435
reference_url https://access.redhat.com/errata/RHSA-2023:7703
reference_id RHSA-2023:7703
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7703
436
reference_url https://access.redhat.com/errata/RHSA-2023:7704
reference_id RHSA-2023:7704
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7704
437
reference_url https://access.redhat.com/errata/RHSA-2023:7741
reference_id RHSA-2023:7741
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7741
438
reference_url https://access.redhat.com/errata/RHSA-2024:0269
reference_id RHSA-2024:0269
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0269
439
reference_url https://access.redhat.com/errata/RHSA-2024:0302
reference_id RHSA-2024:0302
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0302
440
reference_url https://access.redhat.com/errata/RHSA-2024:0777
reference_id RHSA-2024:0777
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0777
441
reference_url https://access.redhat.com/errata/RHSA-2024:1444
reference_id RHSA-2024:1444
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1444
442
reference_url https://access.redhat.com/errata/RHSA-2024:1770
reference_id RHSA-2024:1770
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1770
443
reference_url https://access.redhat.com/errata/RHSA-2024:2633
reference_id RHSA-2024:2633
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2633
444
reference_url https://access.redhat.com/errata/RHSA-2024:4631
reference_id RHSA-2024:4631
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4631
445
reference_url https://access.redhat.com/errata/RHSA-2025:16668
reference_id RHSA-2025:16668
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:16668
446
reference_url https://usn.ubuntu.com/6427-1/
reference_id USN-6427-1
reference_type
scores
url https://usn.ubuntu.com/6427-1/
447
reference_url https://usn.ubuntu.com/6427-2/
reference_id USN-6427-2
reference_type
scores
url https://usn.ubuntu.com/6427-2/
448
reference_url https://usn.ubuntu.com/6438-1/
reference_id USN-6438-1
reference_type
scores
url https://usn.ubuntu.com/6438-1/
449
reference_url https://usn.ubuntu.com/6505-1/
reference_id USN-6505-1
reference_type
scores
url https://usn.ubuntu.com/6505-1/
450
reference_url https://usn.ubuntu.com/6574-1/
reference_id USN-6574-1
reference_type
scores
url https://usn.ubuntu.com/6574-1/
451
reference_url https://usn.ubuntu.com/6754-1/
reference_id USN-6754-1
reference_type
scores
url https://usn.ubuntu.com/6754-1/
452
reference_url https://usn.ubuntu.com/6994-1/
reference_id USN-6994-1
reference_type
scores
url https://usn.ubuntu.com/6994-1/
453
reference_url https://usn.ubuntu.com/7067-1/
reference_id USN-7067-1
reference_type
scores
url https://usn.ubuntu.com/7067-1/
454
reference_url https://usn.ubuntu.com/7410-1/
reference_id USN-7410-1
reference_type
scores
url https://usn.ubuntu.com/7410-1/
455
reference_url https://usn.ubuntu.com/7469-1/
reference_id USN-7469-1
reference_type
scores
url https://usn.ubuntu.com/7469-1/
456
reference_url https://usn.ubuntu.com/7469-2/
reference_id USN-7469-2
reference_type
scores
url https://usn.ubuntu.com/7469-2/
457
reference_url https://usn.ubuntu.com/7469-3/
reference_id USN-7469-3
reference_type
scores
url https://usn.ubuntu.com/7469-3/
458
reference_url https://usn.ubuntu.com/7469-4/
reference_id USN-7469-4
reference_type
scores
url https://usn.ubuntu.com/7469-4/
459
reference_url https://usn.ubuntu.com/7892-1/
reference_id USN-7892-1
reference_type
scores
url https://usn.ubuntu.com/7892-1/
460
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/
reference_id VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHUHTSXLXGXS7JYKBXTA3VINUPHTNGVU/
461
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/
reference_id VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSRDIV77HNKUSM7SJC5BKE5JSHLHU2NK/
462
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/
reference_id WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WE2I52RHNNU42PX6NZ2RBUHSFFJ2LVZX/
463
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/
reference_id WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WLPRQ5TWUQQXYWBJM7ECYDAIL2YVKIUH/
464
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/
reference_id X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/
465
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/
reference_id XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/
466
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/
reference_id ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZB43REMKRQR62NJEI7I5NQ4FSXNLBKRT/
467
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/
reference_id ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2024-07-23T20:34:21Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZLU6U2R2IC2K64NDPNMV55AUAO65MAF4/
fixed_packages
0
url pkg:maven/org.apache.solr/solr-core@9.4.0
purl pkg:maven/org.apache.solr/solr-core@9.4.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3gq7-8e2z-yqcv
1
vulnerability VCID-418m-x1un-gufd
2
vulnerability VCID-hpys-9ncu-3bgv
3
vulnerability VCID-t4p6-84y8-kbbu
4
vulnerability VCID-uaxq-nmwp-5uct
5
vulnerability VCID-v5ka-6bd4-33ft
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@9.4.0
aliases CVE-2023-44487, GHSA-2m7v-gc89-fjqf, GHSA-qppj-fm5r-hxr3, GHSA-vx74-f528-fxqg, GHSA-xpw8-rcwv-8f8p, GMS-2023-3377, VSV00013
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5781-s1ny-q7ey
4
url VCID-a4yf-9j54-e3cp
vulnerability_id VCID-a4yf-9j54-e3cp
summary 
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
An Improper Input Validation vulnerability in DataImportHandler of Apache Solr allows an attacker to provide a Windows UNC path resulting in an SMB network call being made from the Solr host to another host on the network. If the attacker has wider access to the network, this may lead to SMB attacks, which may result in: * The exfiltration of sensitive data such as OS user hashes (NTLM/LM hashes), * In case of misconfigured systems, SMB Relay Attacks which can lead to user impersonation on SMB Shares or, in a worse-case scenario, Remote Code Execution This issue affects all Apache Solr This issue only affects Windows.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-44548
reference_id
reference_type
scores
0
value 0.0666
scoring_system epss
scoring_elements 0.91241
published_at 2026-04-16T12:55:00Z
1
value 0.0666
scoring_system epss
scoring_elements 0.91166
published_at 2026-04-01T12:55:00Z
2
value 0.0666
scoring_system epss
scoring_elements 0.91172
published_at 2026-04-02T12:55:00Z
3
value 0.0666
scoring_system epss
scoring_elements 0.9118
published_at 2026-04-04T12:55:00Z
4
value 0.0666
scoring_system epss
scoring_elements 0.91187
published_at 2026-04-07T12:55:00Z
5
value 0.0666
scoring_system epss
scoring_elements 0.91201
published_at 2026-04-08T12:55:00Z
6
value 0.0666
scoring_system epss
scoring_elements 0.91207
published_at 2026-04-09T12:55:00Z
7
value 0.0666
scoring_system epss
scoring_elements 0.91214
published_at 2026-04-11T12:55:00Z
8
value 0.0666
scoring_system epss
scoring_elements 0.91217
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-44548
1
reference_url https://github.com/apache/solr
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/solr
2
reference_url https://security.netapp.com/advisory/ntap-20220114-0005
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20220114-0005
3
reference_url https://security.netapp.com/advisory/ntap-20220114-0005/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20220114-0005/
4
reference_url https://solr.apache.org/security.html#cve-2021-44548-apache-solr-information-disclosure-vulnerability-through-dataimporthandler
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://solr.apache.org/security.html#cve-2021-44548-apache-solr-information-disclosure-vulnerability-through-dataimporthandler
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-44548
reference_id CVE-2021-44548
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-44548
6
reference_url https://github.com/advisories/GHSA-pccr-q7v9-5f27
reference_id GHSA-pccr-q7v9-5f27
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-pccr-q7v9-5f27
fixed_packages
0
url pkg:maven/org.apache.solr/solr-core@8.11.1
purl pkg:maven/org.apache.solr/solr-core@8.11.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3gq7-8e2z-yqcv
1
vulnerability VCID-418m-x1un-gufd
2
vulnerability VCID-5781-s1ny-q7ey
3
vulnerability VCID-hpys-9ncu-3bgv
4
vulnerability VCID-jc41-ky5q-tkhv
5
vulnerability VCID-qkt3-eevh-ekcr
6
vulnerability VCID-t4p6-84y8-kbbu
7
vulnerability VCID-uaxq-nmwp-5uct
8
vulnerability VCID-v5ka-6bd4-33ft
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@8.11.1
aliases CVE-2021-44548, GHSA-pccr-q7v9-5f27
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a4yf-9j54-e3cp
5
url VCID-f12j-fvhp-quec
vulnerability_id VCID-f12j-fvhp-quec
summary 
Server-Side Request Forgery (SSRF)
There is a Server Side Request Forgery in Apache Solr. Because the `shards` parameter does not have a corresponding allowlist mechanism, a remote attacker with access to the server could make Solr perform an HTTP GET request to any reachable URL.
references
0
reference_url http://mail-archives.apache.org/mod_mbox/www-announce/201902.mbox/%3CCAECwjAVjBN%3DwO5rYs6ktAX-5%3D-f5JDFwbbTSM2TTjEbGO5jKKA%40mail.gmail.com%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://mail-archives.apache.org/mod_mbox/www-announce/201902.mbox/%3CCAECwjAVjBN%3DwO5rYs6ktAX-5%3D-f5JDFwbbTSM2TTjEbGO5jKKA%40mail.gmail.com%3E
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-3164
reference_id
reference_type
scores
0
value 0.5954
scoring_system epss
scoring_elements 0.9825
published_at 2026-04-13T12:55:00Z
1
value 0.5954
scoring_system epss
scoring_elements 0.98247
published_at 2026-04-09T12:55:00Z
2
value 0.5954
scoring_system epss
scoring_elements 0.98246
published_at 2026-04-08T12:55:00Z
3
value 0.5954
scoring_system epss
scoring_elements 0.98242
published_at 2026-04-07T12:55:00Z
4
value 0.5954
scoring_system epss
scoring_elements 0.98241
published_at 2026-04-04T12:55:00Z
5
value 0.5954
scoring_system epss
scoring_elements 0.98238
published_at 2026-04-02T12:55:00Z
6
value 0.5954
scoring_system epss
scoring_elements 0.98235
published_at 2026-04-01T12:55:00Z
7
value 0.5954
scoring_system epss
scoring_elements 0.98256
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-3164
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3164
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3164
3
reference_url https://github.com/advisories/GHSA-vrh8-27q8-fr8f
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-vrh8-27q8-fr8f
4
reference_url https://lists.apache.org/thread.html/43026507844ada1ac658ccf7bc939378c13e492fd6538416ce65df39@%3Cdev.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/43026507844ada1ac658ccf7bc939378c13e492fd6538416ce65df39@%3Cdev.lucene.apache.org%3E
5
reference_url https://lists.apache.org/thread.html/43026507844ada1ac658ccf7bc939378c13e492fd6538416ce65df39%40%3Cdev.lucene.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/43026507844ada1ac658ccf7bc939378c13e492fd6538416ce65df39%40%3Cdev.lucene.apache.org%3E
6
reference_url https://lists.apache.org/thread.html/75dc651478f9d04505b46d44fe3ac739e7aaf3d7bf1257973685f8f7@%3Cdev.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/75dc651478f9d04505b46d44fe3ac739e7aaf3d7bf1257973685f8f7@%3Cdev.lucene.apache.org%3E
7
reference_url https://lists.apache.org/thread.html/75dc651478f9d04505b46d44fe3ac739e7aaf3d7bf1257973685f8f7%40%3Cdev.lucene.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/75dc651478f9d04505b46d44fe3ac739e7aaf3d7bf1257973685f8f7%40%3Cdev.lucene.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/ca3105b6934ccd28e843dffe39724f6963ff49825e9b709837203649@%3Cdev.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/ca3105b6934ccd28e843dffe39724f6963ff49825e9b709837203649@%3Cdev.lucene.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/ca3105b6934ccd28e843dffe39724f6963ff49825e9b709837203649%40%3Cdev.lucene.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/ca3105b6934ccd28e843dffe39724f6963ff49825e9b709837203649%40%3Cdev.lucene.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/e0f9c652b57a91fdcc287efcead620af9f4d8e46b88f0b761aa265de@%3Cdev.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/e0f9c652b57a91fdcc287efcead620af9f4d8e46b88f0b761aa265de@%3Cdev.lucene.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/e0f9c652b57a91fdcc287efcead620af9f4d8e46b88f0b761aa265de%40%3Cdev.lucene.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/e0f9c652b57a91fdcc287efcead620af9f4d8e46b88f0b761aa265de%40%3Cdev.lucene.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/rc400db37710ee79378b6c52de3640493ff538c2beb41cefdbbdf2ab8@%3Ccommits.submarine.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rc400db37710ee79378b6c52de3640493ff538c2beb41cefdbbdf2ab8@%3Ccommits.submarine.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/rc400db37710ee79378b6c52de3640493ff538c2beb41cefdbbdf2ab8%40%3Ccommits.submarine.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rc400db37710ee79378b6c52de3640493ff538c2beb41cefdbbdf2ab8%40%3Ccommits.submarine.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E
18
reference_url https://security.netapp.com/advisory/ntap-20190327-0003
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20190327-0003
19
reference_url https://security.netapp.com/advisory/ntap-20190327-0003/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20190327-0003/
20
reference_url https://www.oracle.com/security-alerts/cpuoct2020.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuoct2020.html
21
reference_url https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
22
reference_url http://www.securityfocus.com/bid/107026
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/107026
23
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922242
reference_id 922242
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922242
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-3164
reference_id CVE-2017-3164
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
1
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
2
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-3164
fixed_packages
0
url pkg:maven/org.apache.solr/solr-core@7.7.0
purl pkg:maven/org.apache.solr/solr-core@7.7.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3gq7-8e2z-yqcv
1
vulnerability VCID-3vmh-e7x6-3kf6
2
vulnerability VCID-4dgs-1mk2-5ubr
3
vulnerability VCID-5781-s1ny-q7ey
4
vulnerability VCID-835p-mav1-1qem
5
vulnerability VCID-a4yf-9j54-e3cp
6
vulnerability VCID-ftx3-494m-hbee
7
vulnerability VCID-hpys-9ncu-3bgv
8
vulnerability VCID-jc41-ky5q-tkhv
9
vulnerability VCID-t4p6-84y8-kbbu
10
vulnerability VCID-tt7h-4geu-5bc9
11
vulnerability VCID-uaxq-nmwp-5uct
12
vulnerability VCID-v5ka-6bd4-33ft
13
vulnerability VCID-zrn1-s7ht-pbdt
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@7.7.0
aliases CVE-2017-3164, GHSA-vrh8-27q8-fr8f
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f12j-fvhp-quec
6
url VCID-ftx3-494m-hbee
vulnerability_id VCID-ftx3-494m-hbee
summary 
Server-Side Request Forgery in Apache Solr
The ReplicationHandler (normally registered at "/replication" under a Solr core) in Apache Solr has a "masterUrl" (also "leaderUrl" alias) parameter that is used to designate another ReplicationHandler on another Solr core to replicate index data into the local core. To prevent a SSRF vulnerability, Solr ought to check these parameters against a similar configuration it uses for the "shards" parameter. Prior to this bug getting fixed, it did not. This problem affects essentially all Solr versions prior to it getting fixed in 8.8.2.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-27905.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-27905.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-27905
reference_id
reference_type
scores
0
value 0.93901
scoring_system epss
scoring_elements 0.99877
published_at 2026-04-16T12:55:00Z
1
value 0.93901
scoring_system epss
scoring_elements 0.99873
published_at 2026-04-01T12:55:00Z
2
value 0.93901
scoring_system epss
scoring_elements 0.99876
published_at 2026-04-13T12:55:00Z
3
value 0.93901
scoring_system epss
scoring_elements 0.99875
published_at 2026-04-07T12:55:00Z
4
value 0.93901
scoring_system epss
scoring_elements 0.99874
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-27905
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27905
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27905
3
reference_url https://lists.apache.org/thread.html/r0ddc3a82bd7523b1453cb7a5e09eb5559517145425074a42eb326b10%40%3Cannounce.apache.org%3E
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r0ddc3a82bd7523b1453cb7a5e09eb5559517145425074a42eb326b10%40%3Cannounce.apache.org%3E
4
reference_url https://lists.apache.org/thread.html/r140128dc6bb4f4e0b6a39e962c7ca25a8cbc8e48ed766176c931fccc@%3Cusers.solr.apache.org%3E
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r140128dc6bb4f4e0b6a39e962c7ca25a8cbc8e48ed766176c931fccc@%3Cusers.solr.apache.org%3E
5
reference_url https://lists.apache.org/thread.html/r3da74965aba2b5f5744b7289ad447306eeb2940c872801819faa9314@%3Cusers.solr.apache.org%3E
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r3da74965aba2b5f5744b7289ad447306eeb2940c872801819faa9314@%3Cusers.solr.apache.org%3E
6
reference_url https://lists.apache.org/thread.html/r6ccec7fc54d82591b23c143f1f6a6e38f6e03e75db70870e4cb14a1a@%3Ccommits.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r6ccec7fc54d82591b23c143f1f6a6e38f6e03e75db70870e4cb14a1a@%3Ccommits.ofbiz.apache.org%3E
7
reference_url https://lists.apache.org/thread.html/r720a4a0497fc90bad5feec8aa18b777912ee15c7eeb5f882adbf523e@%3Ccommits.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r720a4a0497fc90bad5feec8aa18b777912ee15c7eeb5f882adbf523e@%3Ccommits.ofbiz.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/r78a3a4f1138a1608b0c6d4a2ee7647848c1a20b0d5c652cd9b02c25a@%3Ccommits.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r78a3a4f1138a1608b0c6d4a2ee7647848c1a20b0d5c652cd9b02c25a@%3Ccommits.ofbiz.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/r8f1152a43c36d878bbeb5a92f261e9efaf3af313b033d7acfccea59d@%3Cnotifications.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r8f1152a43c36d878bbeb5a92f261e9efaf3af313b033d7acfccea59d@%3Cnotifications.ofbiz.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/r95df34bb158375948da82b4dfe9a1b5d528572d586584162f8f5aeef@%3Cusers.solr.apache.org%3E
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r95df34bb158375948da82b4dfe9a1b5d528572d586584162f8f5aeef@%3Cusers.solr.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/rae9ccaecce9859f709ed1458545d90a4c07163070dc98b5e9e59057f@%3Cnotifications.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rae9ccaecce9859f709ed1458545d90a4c07163070dc98b5e9e59057f@%3Cnotifications.ofbiz.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/rd232d77c57a8ce172359ab098df9512d8b37373ab87c444be911b430@%3Cnotifications.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rd232d77c57a8ce172359ab098df9512d8b37373ab87c444be911b430@%3Cnotifications.ofbiz.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/re9d64bb8e5dfefddcbf255adb4559e13a0df5b818da1b9b51329723f@%3Cnotifications.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/re9d64bb8e5dfefddcbf255adb4559e13a0df5b818da1b9b51329723f@%3Cnotifications.ofbiz.apache.org%3E
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-27905
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-27905
15
reference_url https://security.netapp.com/advisory/ntap-20210611-0009
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20210611-0009
16
reference_url https://security.netapp.com/advisory/ntap-20210611-0009/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20210611-0009/
17
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1949516
reference_id 1949516
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1949516
18
reference_url https://security.archlinux.org/AVG-1808
reference_id AVG-1808
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1808
19
reference_url https://github.com/advisories/GHSA-5phw-3jrp-3vj8
reference_id GHSA-5phw-3jrp-3vj8
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5phw-3jrp-3vj8
fixed_packages
0
url pkg:maven/org.apache.solr/solr-core@8.8.2
purl pkg:maven/org.apache.solr/solr-core@8.8.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3gq7-8e2z-yqcv
1
vulnerability VCID-418m-x1un-gufd
2
vulnerability VCID-5781-s1ny-q7ey
3
vulnerability VCID-a4yf-9j54-e3cp
4
vulnerability VCID-hpys-9ncu-3bgv
5
vulnerability VCID-jc41-ky5q-tkhv
6
vulnerability VCID-t4p6-84y8-kbbu
7
vulnerability VCID-uaxq-nmwp-5uct
8
vulnerability VCID-v5ka-6bd4-33ft
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@8.8.2
aliases CVE-2021-27905, GHSA-5phw-3jrp-3vj8
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ftx3-494m-hbee
7
url VCID-gfmc-r1h7-dfhs
vulnerability_id VCID-gfmc-r1h7-dfhs
summary This vulnerability in Apache Solr 6.0.0 to 6.6.3, 7.0.0 to 7.3.0 relates to an XML external entity expansion (XXE) in Solr config files (solrconfig.xml, schema.xml, managed-schema). In addition, Xinclude functionality provided in these config files is also affected in a similar way. The vulnerability can be used as XXE using file/ftp/http protocols in order to read arbitrary local files from the Solr server or the internal network. Users are advised to upgrade to either Solr 6.6.4 or Solr 7.3.1 releases both of which address the vulnerability. Once upgrade is complete, no other steps are required. Those releases only allow external entities and Xincludes that refer to local files / zookeeper resources below the Solr instance directory (using Solr's ResourceLoader); usage of absolute URLs is denied. Keep in mind, that external entities and XInclude are explicitly supported to better structure config files in large installations. Before Solr 6 this was no problem, as config files were not accessible through the APIs.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8010.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8010.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-8010
reference_id
reference_type
scores
0
value 0.01708
scoring_system epss
scoring_elements 0.82356
published_at 2026-04-16T12:55:00Z
1
value 0.01708
scoring_system epss
scoring_elements 0.82322
published_at 2026-04-13T12:55:00Z
2
value 0.01708
scoring_system epss
scoring_elements 0.82266
published_at 2026-04-02T12:55:00Z
3
value 0.01708
scoring_system epss
scoring_elements 0.82328
published_at 2026-04-12T12:55:00Z
4
value 0.01708
scoring_system epss
scoring_elements 0.82334
published_at 2026-04-11T12:55:00Z
5
value 0.01708
scoring_system epss
scoring_elements 0.82314
published_at 2026-04-09T12:55:00Z
6
value 0.01708
scoring_system epss
scoring_elements 0.82307
published_at 2026-04-08T12:55:00Z
7
value 0.01708
scoring_system epss
scoring_elements 0.82253
published_at 2026-04-01T12:55:00Z
8
value 0.01708
scoring_system epss
scoring_elements 0.8228
published_at 2026-04-07T12:55:00Z
9
value 0.01708
scoring_system epss
scoring_elements 0.82285
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-8010
2
reference_url https://github.com/advisories/GHSA-rc9v-h28f-jcmf
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-rc9v-h28f-jcmf
3
reference_url https://github.com/apache/lucene-solr/commit/1b760114216fcdfae138a8b37f183a9293c4911
reference_id
reference_type
scores
url https://github.com/apache/lucene-solr/commit/1b760114216fcdfae138a8b37f183a9293c4911
4
reference_url https://github.com/apache/lucene-solr/commit/4ba409e0ff3dc38aad88f7b7ad69a76325272b8
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/lucene-solr/commit/4ba409e0ff3dc38aad88f7b7ad69a76325272b8
5
reference_url https://github.com/apache/lucene-solr/commit/6c4e45e28494d4d4d04fb89852d18c86fa3d5f8
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/lucene-solr/commit/6c4e45e28494d4d4d04fb89852d18c86fa3d5f8
6
reference_url https://github.com/apache/lucene-solr/commit/6d082d5743dee7e08a86b3f2ef03bc025112512
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/lucene-solr/commit/6d082d5743dee7e08a86b3f2ef03bc025112512
7
reference_url https://github.com/apache/lucene-solr/commit/96f079b4b47eaadff65c7aaf0e5bafe68e30ec3
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/lucene-solr/commit/96f079b4b47eaadff65c7aaf0e5bafe68e30ec3
8
reference_url https://issues.apache.org/jira/browse/SOLR-12316
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/jira/browse/SOLR-12316
9
reference_url https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5@%3Csolr-user.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5@%3Csolr-user.lucene.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5%40%3Csolr-user.lucene.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5%40%3Csolr-user.lucene.apache.org%3E
11
reference_url https://mail-archives.apache.org/mod_mbox/www-announce/201805.mbox/%3C08a801d3f0f9%24df46d300%249dd47900%24%40apache.org%3E
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://mail-archives.apache.org/mod_mbox/www-announce/201805.mbox/%3C08a801d3f0f9%24df46d300%249dd47900%24%40apache.org%3E
12
reference_url http://www.securityfocus.com/bid/104239
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/104239
13
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1581037
reference_id 1581037
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1581037
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-8010
reference_id CVE-2018-8010
reference_type
scores
0
value 2.1
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:N/C:P/I:N/A:N
1
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
2
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-8010
fixed_packages
0
url pkg:maven/org.apache.solr/solr-core@6.6.4
purl pkg:maven/org.apache.solr/solr-core@6.6.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3gq7-8e2z-yqcv
1
vulnerability VCID-3vmh-e7x6-3kf6
2
vulnerability VCID-4dgs-1mk2-5ubr
3
vulnerability VCID-5781-s1ny-q7ey
4
vulnerability VCID-835p-mav1-1qem
5
vulnerability VCID-a4yf-9j54-e3cp
6
vulnerability VCID-f12j-fvhp-quec
7
vulnerability VCID-ftx3-494m-hbee
8
vulnerability VCID-hpys-9ncu-3bgv
9
vulnerability VCID-jc41-ky5q-tkhv
10
vulnerability VCID-t4p6-84y8-kbbu
11
vulnerability VCID-tt7h-4geu-5bc9
12
vulnerability VCID-uaxq-nmwp-5uct
13
vulnerability VCID-v5ka-6bd4-33ft
14
vulnerability VCID-vkyg-mj2g-bqgp
15
vulnerability VCID-z2u5-9szx-vyax
16
vulnerability VCID-zrn1-s7ht-pbdt
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@6.6.4
1
url pkg:maven/org.apache.solr/solr-core@7.3.1
purl pkg:maven/org.apache.solr/solr-core@7.3.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3gq7-8e2z-yqcv
1
vulnerability VCID-3vmh-e7x6-3kf6
2
vulnerability VCID-4dgs-1mk2-5ubr
3
vulnerability VCID-5781-s1ny-q7ey
4
vulnerability VCID-835p-mav1-1qem
5
vulnerability VCID-a4yf-9j54-e3cp
6
vulnerability VCID-f12j-fvhp-quec
7
vulnerability VCID-ftx3-494m-hbee
8
vulnerability VCID-hpys-9ncu-3bgv
9
vulnerability VCID-jc41-ky5q-tkhv
10
vulnerability VCID-t4p6-84y8-kbbu
11
vulnerability VCID-tt7h-4geu-5bc9
12
vulnerability VCID-uaxq-nmwp-5uct
13
vulnerability VCID-v5ka-6bd4-33ft
14
vulnerability VCID-vkyg-mj2g-bqgp
15
vulnerability VCID-zrn1-s7ht-pbdt
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@7.3.1
aliases CVE-2018-8010, GHSA-rc9v-h28f-jcmf
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gfmc-r1h7-dfhs
8
url VCID-h9gm-dpgv-2yeh
vulnerability_id VCID-h9gm-dpgv-2yeh
summary This vulnerability in Apache Solr 1.2 to 6.6.2 and 7.0.0 to 7.2.1 relates to an XML external entity expansion (XXE) in the `&dataConfig=<inlinexml>` parameter of Solr's DataImportHandler. It can be used as XXE using file/ftp/http protocols in order to read arbitrary local files from the Solr server or the internal network.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1308.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1308.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1308
reference_id
reference_type
scores
0
value 0.05778
scoring_system epss
scoring_elements 0.90501
published_at 2026-04-16T12:55:00Z
1
value 0.05778
scoring_system epss
scoring_elements 0.90484
published_at 2026-04-13T12:55:00Z
2
value 0.05778
scoring_system epss
scoring_elements 0.90443
published_at 2026-04-01T12:55:00Z
3
value 0.05778
scoring_system epss
scoring_elements 0.90447
published_at 2026-04-02T12:55:00Z
4
value 0.05778
scoring_system epss
scoring_elements 0.90459
published_at 2026-04-04T12:55:00Z
5
value 0.05778
scoring_system epss
scoring_elements 0.90465
published_at 2026-04-07T12:55:00Z
6
value 0.05778
scoring_system epss
scoring_elements 0.90477
published_at 2026-04-08T12:55:00Z
7
value 0.05778
scoring_system epss
scoring_elements 0.90483
published_at 2026-04-09T12:55:00Z
8
value 0.05778
scoring_system epss
scoring_elements 0.9049
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1308
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1308
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1308
3
reference_url https://github.com/advisories/GHSA-3pph-2595-cgfh
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-3pph-2595-cgfh
4
reference_url https://github.com/apache/lucene-solr/commit/02c693f3713add1b4891cbaa87127de3a55c10f
reference_id
reference_type
scores
url https://github.com/apache/lucene-solr/commit/02c693f3713add1b4891cbaa87127de3a55c10f
5
reference_url https://github.com/apache/lucene-solr/commit/3530397f1777332872eac2760f9aa0e2ae1d7450
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/lucene-solr/commit/3530397f1777332872eac2760f9aa0e2ae1d7450
6
reference_url https://github.com/apache/lucene-solr/commit/739a7933
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/lucene-solr/commit/739a7933
7
reference_url https://github.com/apache/lucene-solr/commit/739a79338856599084617d44b6a1b424af059aa
reference_id
reference_type
scores
url https://github.com/apache/lucene-solr/commit/739a79338856599084617d44b6a1b424af059aa
8
reference_url https://github.com/apache/lucene-solr/commit/dd3be31f7062dcb2f3b2d7f0e89df29e197dee6
reference_id
reference_type
scores
url https://github.com/apache/lucene-solr/commit/dd3be31f7062dcb2f3b2d7f0e89df29e197dee6
9
reference_url https://github.com/apache/lucene-solr/commit/dd3be31f7062dcb2f3b2d7f0e89df29e197dee63
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/lucene-solr/commit/dd3be31f7062dcb2f3b2d7f0e89df29e197dee63
10
reference_url https://issues.apache.org/jira/browse/SOLR-11971
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/jira/browse/SOLR-11971
11
reference_url https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E
12
reference_url https://lists.debian.org/debian-lts-announce/2018/04/msg00025.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2018/04/msg00025.html
13
reference_url https://mail-archives.apache.org/mod_mbox/www-announce/201804.mbox/%3C000001d3cf68%245ac69af0%241053d0d0%24%40apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://mail-archives.apache.org/mod_mbox/www-announce/201804.mbox/%3C000001d3cf68%245ac69af0%241053d0d0%24%40apache.org%3E
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-1308
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-1308
15
reference_url https://www.debian.org/security/2018/dsa-4194
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2018/dsa-4194
16
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1564959
reference_id 1564959
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1564959
17
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=896604
reference_id 896604
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=896604
fixed_packages
0
url pkg:maven/org.apache.solr/solr-core@6.6.3
purl pkg:maven/org.apache.solr/solr-core@6.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3gq7-8e2z-yqcv
1
vulnerability VCID-3vmh-e7x6-3kf6
2
vulnerability VCID-4dgs-1mk2-5ubr
3
vulnerability VCID-5781-s1ny-q7ey
4
vulnerability VCID-835p-mav1-1qem
5
vulnerability VCID-a4yf-9j54-e3cp
6
vulnerability VCID-f12j-fvhp-quec
7
vulnerability VCID-ftx3-494m-hbee
8
vulnerability VCID-gfmc-r1h7-dfhs
9
vulnerability VCID-hpys-9ncu-3bgv
10
vulnerability VCID-jc41-ky5q-tkhv
11
vulnerability VCID-t4p6-84y8-kbbu
12
vulnerability VCID-tt7h-4geu-5bc9
13
vulnerability VCID-uaxq-nmwp-5uct
14
vulnerability VCID-v5ka-6bd4-33ft
15
vulnerability VCID-vkyg-mj2g-bqgp
16
vulnerability VCID-z2u5-9szx-vyax
17
vulnerability VCID-zrn1-s7ht-pbdt
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@6.6.3
1
url pkg:maven/org.apache.solr/solr-core@7.3.0
purl pkg:maven/org.apache.solr/solr-core@7.3.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3gq7-8e2z-yqcv
1
vulnerability VCID-3vmh-e7x6-3kf6
2
vulnerability VCID-4dgs-1mk2-5ubr
3
vulnerability VCID-5781-s1ny-q7ey
4
vulnerability VCID-835p-mav1-1qem
5
vulnerability VCID-a4yf-9j54-e3cp
6
vulnerability VCID-f12j-fvhp-quec
7
vulnerability VCID-ftx3-494m-hbee
8
vulnerability VCID-gfmc-r1h7-dfhs
9
vulnerability VCID-hpys-9ncu-3bgv
10
vulnerability VCID-jc41-ky5q-tkhv
11
vulnerability VCID-t4p6-84y8-kbbu
12
vulnerability VCID-tt7h-4geu-5bc9
13
vulnerability VCID-uaxq-nmwp-5uct
14
vulnerability VCID-v5ka-6bd4-33ft
15
vulnerability VCID-vkyg-mj2g-bqgp
16
vulnerability VCID-zrn1-s7ht-pbdt
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@7.3.0
aliases CVE-2018-1308, GHSA-3pph-2595-cgfh
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h9gm-dpgv-2yeh
9
url VCID-hpys-9ncu-3bgv
vulnerability_id VCID-hpys-9ncu-3bgv
summary 
Apache Solr: Backup/Restore APIs allow for  deployment of executables in malicious ConfigSets
Improper Control of Dynamically-Managed Code Resources, Unrestricted Upload of File with Dangerous Type, Inclusion of Functionality from Untrusted Control Sphere vulnerability in Apache Solr.This issue affects Apache Solr from 6.0.0 through 8.11.2, from 9.0.0 before 9.4.1.

In the affected versions, Solr ConfigSets accepted Java jar and class files to be uploaded through the ConfigSets API.
When backing up Solr Collections, these configSet files would be saved to disk when using the LocalFileSystemRepository (the default for backups).
If the backup was saved to a directory that Solr uses in its ClassPath/ClassLoaders, then the jar and class files would be available to use with any ConfigSet, trusted or untrusted.

When Solr is run in a secure way (Authorization enabled), as is strongly suggested, this vulnerability is limited to extending the Backup permissions with the ability to add libraries.
Users are recommended to upgrade to version 8.11.3 or 9.4.1, which fix the issue.
In these versions, the following protections have been added:

  *  Users are no longer able to upload files to a configSet that could be executed via a Java ClassLoader.
  *  The Backup API restricts saving backups to directories that are used in the ClassLoader.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50386.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50386.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-50386
reference_id
reference_type
scores
0
value 0.84724
scoring_system epss
scoring_elements 0.99343
published_at 2026-04-16T12:55:00Z
1
value 0.84724
scoring_system epss
scoring_elements 0.99335
published_at 2026-04-04T12:55:00Z
2
value 0.84724
scoring_system epss
scoring_elements 0.9934
published_at 2026-04-13T12:55:00Z
3
value 0.84724
scoring_system epss
scoring_elements 0.99339
published_at 2026-04-11T12:55:00Z
4
value 0.84724
scoring_system epss
scoring_elements 0.99338
published_at 2026-04-09T12:55:00Z
5
value 0.84724
scoring_system epss
scoring_elements 0.99337
published_at 2026-04-08T12:55:00Z
6
value 0.84724
scoring_system epss
scoring_elements 0.99333
published_at 2026-04-02T12:55:00Z
7
value 0.84724
scoring_system epss
scoring_elements 0.99336
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-50386
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50386
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50386
3
reference_url https://github.com/apache/lucene-solr/commit/6c8f24eb9e3fe1cb19058173f2e221de3febfeda
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/lucene-solr/commit/6c8f24eb9e3fe1cb19058173f2e221de3febfeda
4
reference_url https://github.com/apache/lucene-solr/commit/7e9a2e67f812032a049836c3aa0b18bf5cd717f9
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/lucene-solr/commit/7e9a2e67f812032a049836c3aa0b18bf5cd717f9
5
reference_url https://github.com/apache/solr/commit/644dd3a6d6780d71030f7070754d2f3adce22859
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/solr/commit/644dd3a6d6780d71030f7070754d2f3adce22859
6
reference_url https://github.com/apache/solr/commit/c79011e81dada2f9bc4b4df32ffb32152ef81152
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/solr/commit/c79011e81dada2f9bc4b4df32ffb32152ef81152
7
reference_url https://issues.apache.org/jira/browse/SOLR-16949
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/jira/browse/SOLR-16949
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-50386
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-50386
9
reference_url https://solr.apache.org/security.html#cve-2023-50386-apache-solr-backuprestore-apis-allow-for-deployment-of-executables-in-malicious-configsets
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-04-30T04:00:07Z/
url https://solr.apache.org/security.html#cve-2023-50386-apache-solr-backuprestore-apis-allow-for-deployment-of-executables-in-malicious-configsets
10
reference_url http://www.openwall.com/lists/oss-security/2024/02/09/1
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-04-30T04:00:07Z/
url http://www.openwall.com/lists/oss-security/2024/02/09/1
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2263585
reference_id 2263585
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2263585
12
reference_url https://github.com/advisories/GHSA-37vr-vmg4-jwpw
reference_id GHSA-37vr-vmg4-jwpw
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-37vr-vmg4-jwpw
fixed_packages
0
url pkg:maven/org.apache.solr/solr-core@8.11.3
purl pkg:maven/org.apache.solr/solr-core@8.11.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3gq7-8e2z-yqcv
1
vulnerability VCID-418m-x1un-gufd
2
vulnerability VCID-5781-s1ny-q7ey
3
vulnerability VCID-uaxq-nmwp-5uct
4
vulnerability VCID-v5ka-6bd4-33ft
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@8.11.3
1
url pkg:maven/org.apache.solr/solr-core@9.4.1
purl pkg:maven/org.apache.solr/solr-core@9.4.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3gq7-8e2z-yqcv
1
vulnerability VCID-418m-x1un-gufd
2
vulnerability VCID-uaxq-nmwp-5uct
3
vulnerability VCID-v5ka-6bd4-33ft
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@9.4.1
aliases CVE-2023-50386, GHSA-37vr-vmg4-jwpw
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hpys-9ncu-3bgv
10
url VCID-jc41-ky5q-tkhv
vulnerability_id VCID-jc41-ky5q-tkhv
summary 
Apache Solr can leak certain passwords due to System Property redaction logic inconsistencies
Insufficiently Protected Credentials vulnerability in Apache Solr.

This issue affects Apache Solr from 6.0.0 through 8.11.2, from 9.0.0 before 9.3.0.
One of the two endpoints that publishes the Solr process' Java system properties, /admin/info/properties, was only setup to hide system properties that had "password" contained in the name.
There are a number of sensitive system properties, such as "basicauth" and "aws.secretKey" do not contain "password", thus their values were published via the "/admin/info/properties" endpoint.
This endpoint populates the list of System Properties on the home screen of the Solr Admin page, making the exposed credentials visible in the UI.

This /admin/info/properties endpoint is protected under the "config-read" permission.
Therefore, Solr Clouds with Authorization enabled will only be vulnerable through logged-in users that have the "config-read" permission.
Users are recommended to upgrade to version 9.3.0 or 8.11.3, both of which fix the issue.
A single option now controls hiding Java system property for all endpoints, "-Dsolr.hiddenSysProps".
By default all known sensitive properties are hidden (including "-Dbasicauth"), as well as any property with a name containing "secret" or "password".

Users who cannot upgrade can also use the following Java system property to fix the issue:
  `-Dsolr.redaction.system.pattern=.*(password|secret|basicauth).*`
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50291.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50291.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-50291
reference_id
reference_type
scores
0
value 0.03074
scoring_system epss
scoring_elements 0.86771
published_at 2026-04-16T12:55:00Z
1
value 0.03074
scoring_system epss
scoring_elements 0.86756
published_at 2026-04-13T12:55:00Z
2
value 0.03074
scoring_system epss
scoring_elements 0.86763
published_at 2026-04-12T12:55:00Z
3
value 0.03074
scoring_system epss
scoring_elements 0.86766
published_at 2026-04-11T12:55:00Z
4
value 0.03074
scoring_system epss
scoring_elements 0.86753
published_at 2026-04-09T12:55:00Z
5
value 0.03074
scoring_system epss
scoring_elements 0.86743
published_at 2026-04-08T12:55:00Z
6
value 0.03074
scoring_system epss
scoring_elements 0.86724
published_at 2026-04-07T12:55:00Z
7
value 0.03074
scoring_system epss
scoring_elements 0.86725
published_at 2026-04-04T12:55:00Z
8
value 0.03074
scoring_system epss
scoring_elements 0.86706
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-50291
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50291
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50291
3
reference_url https://github.com/apache/solr
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/solr
4
reference_url https://github.com/apache/solr/commit/659021c7d50164a3166887f24875228431b02102
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/solr/commit/659021c7d50164a3166887f24875228431b02102
5
reference_url https://github.com/apache/solr/commit/98c198810f2cd934d23d0d80aadb570a2bbb3b8e
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/solr/commit/98c198810f2cd934d23d0d80aadb570a2bbb3b8e
6
reference_url https://issues.apache.org/jira/browse/SOLR-16809
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/jira/browse/SOLR-16809
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-50291
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-50291
8
reference_url https://solr.apache.org/security.html#cve-2023-50291-apache-solr-can-leak-certain-passwords-due-to-system-property-redaction-logic-inconsistencies
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-09T23:30:48Z/
url https://solr.apache.org/security.html#cve-2023-50291-apache-solr-can-leak-certain-passwords-due-to-system-property-redaction-logic-inconsistencies
9
reference_url http://www.openwall.com/lists/oss-security/2024/02/09/4
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-09T23:30:48Z/
url http://www.openwall.com/lists/oss-security/2024/02/09/4
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2263577
reference_id 2263577
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2263577
11
reference_url https://github.com/advisories/GHSA-3hwc-rqwp-v36q
reference_id GHSA-3hwc-rqwp-v36q
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3hwc-rqwp-v36q
fixed_packages
0
url pkg:maven/org.apache.solr/solr-core@8.11.3
purl pkg:maven/org.apache.solr/solr-core@8.11.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3gq7-8e2z-yqcv
1
vulnerability VCID-418m-x1un-gufd
2
vulnerability VCID-5781-s1ny-q7ey
3
vulnerability VCID-uaxq-nmwp-5uct
4
vulnerability VCID-v5ka-6bd4-33ft
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@8.11.3
1
url pkg:maven/org.apache.solr/solr-core@9.3.0
purl pkg:maven/org.apache.solr/solr-core@9.3.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3gq7-8e2z-yqcv
1
vulnerability VCID-418m-x1un-gufd
2
vulnerability VCID-5781-s1ny-q7ey
3
vulnerability VCID-hpys-9ncu-3bgv
4
vulnerability VCID-t4p6-84y8-kbbu
5
vulnerability VCID-uaxq-nmwp-5uct
6
vulnerability VCID-v5ka-6bd4-33ft
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@9.3.0
aliases CVE-2023-50291, GHSA-3hwc-rqwp-v36q
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jc41-ky5q-tkhv
11
url VCID-r413-tvjg-mfh3
vulnerability_id VCID-r413-tvjg-mfh3
summary Apache Solr uses a PKI based mechanism to secure inter-node communication when security is enabled. It is possible to create a specially crafted node name that does not exist as part of the cluster and point it to a malicious node. This can trick the nodes in cluster to believe that the malicious node is a member of the cluster. So, if Solr users have enabled BasicAuth authentication mechanism using the BasicAuthPlugin or if the user has implemented a custom Authentication plugin, which does not implement either "HttpClientInterceptorPlugin" or "HttpClientBuilderPlugin", his/her servers are vulnerable to this attack. Users who only use SSL without basic authentication or those who use Kerberos are not affected.
references
0
reference_url http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7660
reference_id
reference_type
scores
url http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7660
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7660.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7660.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-7660
reference_id
reference_type
scores
0
value 0.00455
scoring_system epss
scoring_elements 0.63888
published_at 2026-04-16T12:55:00Z
1
value 0.00455
scoring_system epss
scoring_elements 0.63773
published_at 2026-04-01T12:55:00Z
2
value 0.00455
scoring_system epss
scoring_elements 0.63834
published_at 2026-04-02T12:55:00Z
3
value 0.00455
scoring_system epss
scoring_elements 0.6386
published_at 2026-04-04T12:55:00Z
4
value 0.00455
scoring_system epss
scoring_elements 0.63818
published_at 2026-04-07T12:55:00Z
5
value 0.00455
scoring_system epss
scoring_elements 0.63869
published_at 2026-04-08T12:55:00Z
6
value 0.00455
scoring_system epss
scoring_elements 0.63886
published_at 2026-04-12T12:55:00Z
7
value 0.00455
scoring_system epss
scoring_elements 0.639
published_at 2026-04-11T12:55:00Z
8
value 0.00455
scoring_system epss
scoring_elements 0.63852
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-7660
3
reference_url https://github.com/apache/lucene-solr/commit/2f5ecbcf9ed7a3a4fd37b5c55860ad8eace1bea
reference_id
reference_type
scores
url https://github.com/apache/lucene-solr/commit/2f5ecbcf9ed7a3a4fd37b5c55860ad8eace1bea
4
reference_url https://github.com/apache/lucene-solr/commit/9f91c619a35db89544f5c85795df4128c9f0d96
reference_id
reference_type
scores
url https://github.com/apache/lucene-solr/commit/9f91c619a35db89544f5c85795df4128c9f0d96
5
reference_url https://github.com/apache/lucene-solr/commit/e3b0cfff396a7f92a4f621d598780116da916f3
reference_id
reference_type
scores
url https://github.com/apache/lucene-solr/commit/e3b0cfff396a7f92a4f621d598780116da916f3
6
reference_url https://github.com/apache/lucene-solr/commit/e912b7cb5c68fbb87b874d41068cf5a3aea17da0
reference_id
reference_type
scores
url https://github.com/apache/lucene-solr/commit/e912b7cb5c68fbb87b874d41068cf5a3aea17da0
7
reference_url https://issues.apache.org/jira/browse/SOLR-10624
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/jira/browse/SOLR-10624
8
reference_url https://lists.apache.org/thread/o0g7vpz5sz4yy0pyf1z94vkpv40x6h44
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread/o0g7vpz5sz4yy0pyf1z94vkpv40x6h44
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-7660
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-7660
10
reference_url https://security.netapp.com/advisory/ntap-20181127-0003
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20181127-0003
11
reference_url https://security.netapp.com/advisory/ntap-20181127-0003/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20181127-0003/
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1473273
reference_id 1473273
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1473273
13
reference_url https://github.com/advisories/GHSA-c82r-qg3w-q5mv
reference_id GHSA-c82r-qg3w-q5mv
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-c82r-qg3w-q5mv
fixed_packages
0
url pkg:maven/org.apache.solr/solr-core@6.6.0
purl pkg:maven/org.apache.solr/solr-core@6.6.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3gq7-8e2z-yqcv
1
vulnerability VCID-3vmh-e7x6-3kf6
2
vulnerability VCID-4dgs-1mk2-5ubr
3
vulnerability VCID-5781-s1ny-q7ey
4
vulnerability VCID-835p-mav1-1qem
5
vulnerability VCID-a4yf-9j54-e3cp
6
vulnerability VCID-f12j-fvhp-quec
7
vulnerability VCID-ftx3-494m-hbee
8
vulnerability VCID-gfmc-r1h7-dfhs
9
vulnerability VCID-h9gm-dpgv-2yeh
10
vulnerability VCID-hpys-9ncu-3bgv
11
vulnerability VCID-jc41-ky5q-tkhv
12
vulnerability VCID-rys3-pnnk-a7e4
13
vulnerability VCID-t4p6-84y8-kbbu
14
vulnerability VCID-tt7h-4geu-5bc9
15
vulnerability VCID-uaxq-nmwp-5uct
16
vulnerability VCID-v5ka-6bd4-33ft
17
vulnerability VCID-vkyg-mj2g-bqgp
18
vulnerability VCID-xypj-xu8p-gkbs
19
vulnerability VCID-z2u5-9szx-vyax
20
vulnerability VCID-zrn1-s7ht-pbdt
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@6.6.0
aliases CVE-2017-7660, GHSA-c82r-qg3w-q5mv
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r413-tvjg-mfh3
12
url VCID-rys3-pnnk-a7e4
vulnerability_id VCID-rys3-pnnk-a7e4
summary Remote code execution occurs in Apache Solr before 7.1 with Apache Lucene before 7.1 by exploiting XXE in conjunction with use of a Config API add-listener command to reach the RunExecutableListener class. Elasticsearch, although it uses Lucene, is NOT vulnerable to this. Note that the XML external entity expansion vulnerability occurs in the XML Query Parser which is available, by default, for any query request with parameters deftype=xmlparser and can be exploited to upload malicious data to the /upload request handler or as Blind XXE using ftp wrapper in order to read arbitrary local files from the Solr server. Note also that the second vulnerability relates to remote code execution using the RunExecutableListener available on all affected versions of Solr.
references
0
reference_url http://mail-archives.us.apache.org/mod_mbox/www-announce/201710.mbox/%3CCAOOKt51UO_6Vy%3Dj8W%3Dx1pMbLW9VJfZyFWz7pAnXJC_OAdSZubA%40mail.gmail.com%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://mail-archives.us.apache.org/mod_mbox/www-announce/201710.mbox/%3CCAOOKt51UO_6Vy%3Dj8W%3Dx1pMbLW9VJfZyFWz7pAnXJC_OAdSZubA%40mail.gmail.com%3E
1
reference_url http://openwall.com/lists/oss-security/2017/10/13/1
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://openwall.com/lists/oss-security/2017/10/13/1
2
reference_url https://access.redhat.com/errata/RHSA-2017:3123
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:3123
3
reference_url https://access.redhat.com/errata/RHSA-2017:3124
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:3124
4
reference_url https://access.redhat.com/errata/RHSA-2017:3244
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:3244
5
reference_url https://access.redhat.com/errata/RHSA-2017:3451
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:3451
6
reference_url https://access.redhat.com/errata/RHSA-2017:3452
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:3452
7
reference_url https://access.redhat.com/errata/RHSA-2018:0002
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:0002
8
reference_url https://access.redhat.com/errata/RHSA-2018:0003
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:0003
9
reference_url https://access.redhat.com/errata/RHSA-2018:0004
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:0004
10
reference_url https://access.redhat.com/errata/RHSA-2018:0005
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:0005
11
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12629.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12629.json
12
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-12629
reference_id
reference_type
scores
0
value 0.93891
scoring_system epss
scoring_elements 0.99875
published_at 2026-04-16T12:55:00Z
1
value 0.93891
scoring_system epss
scoring_elements 0.99874
published_at 2026-04-12T12:55:00Z
2
value 0.93891
scoring_system epss
scoring_elements 0.99873
published_at 2026-04-08T12:55:00Z
3
value 0.93891
scoring_system epss
scoring_elements 0.99872
published_at 2026-04-02T12:55:00Z
4
value 0.93891
scoring_system epss
scoring_elements 0.99871
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-12629
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12629
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12629
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3163
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3163
15
reference_url https://github.com/advisories/GHSA-mh7g-99w9-xpjm
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-mh7g-99w9-xpjm
16
reference_url https://github.com/apache/lucene
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/lucene
17
reference_url https://github.com/apache/lucene-solr/commit/3bba91131b5257e64b9d0a2193e1e32a145b2a2
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/lucene-solr/commit/3bba91131b5257e64b9d0a2193e1e32a145b2a2
18
reference_url https://github.com/apache/lucene-solr/commit/926cc4d65b6d2cc40ff07f76d50ddeda947e3cc
reference_id
reference_type
scores
url https://github.com/apache/lucene-solr/commit/926cc4d65b6d2cc40ff07f76d50ddeda947e3cc
19
reference_url https://github.com/apache/lucene-solr/commit/d28baa3fc5566b47f1ca7cc2ba1aba658dc634a
reference_id
reference_type
scores
url https://github.com/apache/lucene-solr/commit/d28baa3fc5566b47f1ca7cc2ba1aba658dc634a
20
reference_url https://github.com/apache/lucene-solr/commit/d8000beebfb13ba0b6e754f84c760e11592d8d1
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/lucene-solr/commit/d8000beebfb13ba0b6e754f84c760e11592d8d1
21
reference_url https://github.com/apache/lucene-solr/commit/f9fd6e9e26224f26f1542224ce187e04c27b268
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/lucene-solr/commit/f9fd6e9e26224f26f1542224ce187e04c27b268
22
reference_url https://github.com/AsyncHttpClient/async-http-client/issues/1455
reference_id
reference_type
scores
url https://github.com/AsyncHttpClient/async-http-client/issues/1455
23
reference_url https://issues.apache.org/jira/browse/SOLR-11477
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/jira/browse/SOLR-11477
24
reference_url https://lists.apache.org/thread.html/r140128dc6bb4f4e0b6a39e962c7ca25a8cbc8e48ed766176c931fccc@%3Cusers.solr.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r140128dc6bb4f4e0b6a39e962c7ca25a8cbc8e48ed766176c931fccc@%3Cusers.solr.apache.org%3E
25
reference_url https://lists.apache.org/thread.html/r140128dc6bb4f4e0b6a39e962c7ca25a8cbc8e48ed766176c931fccc%40%3Cusers.solr.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r140128dc6bb4f4e0b6a39e962c7ca25a8cbc8e48ed766176c931fccc%40%3Cusers.solr.apache.org%3E
26
reference_url https://lists.apache.org/thread.html/r26c996b068ef6c5e89aa59acb769025cfd343a08e63fbe9e7f3f720f@%3Coak-issues.jackrabbit.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r26c996b068ef6c5e89aa59acb769025cfd343a08e63fbe9e7f3f720f@%3Coak-issues.jackrabbit.apache.org%3E
27
reference_url https://lists.apache.org/thread.html/r26c996b068ef6c5e89aa59acb769025cfd343a08e63fbe9e7f3f720f%40%3Coak-issues.jackrabbit.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r26c996b068ef6c5e89aa59acb769025cfd343a08e63fbe9e7f3f720f%40%3Coak-issues.jackrabbit.apache.org%3E
28
reference_url https://lists.apache.org/thread.html/r3da74965aba2b5f5744b7289ad447306eeb2940c872801819faa9314@%3Cusers.solr.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r3da74965aba2b5f5744b7289ad447306eeb2940c872801819faa9314@%3Cusers.solr.apache.org%3E
29
reference_url https://lists.apache.org/thread.html/r3da74965aba2b5f5744b7289ad447306eeb2940c872801819faa9314%40%3Cusers.solr.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r3da74965aba2b5f5744b7289ad447306eeb2940c872801819faa9314%40%3Cusers.solr.apache.org%3E
30
reference_url https://lists.apache.org/thread.html/r95df34bb158375948da82b4dfe9a1b5d528572d586584162f8f5aeef@%3Cusers.solr.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r95df34bb158375948da82b4dfe9a1b5d528572d586584162f8f5aeef@%3Cusers.solr.apache.org%3E
31
reference_url https://lists.apache.org/thread.html/r95df34bb158375948da82b4dfe9a1b5d528572d586584162f8f5aeef%40%3Cusers.solr.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r95df34bb158375948da82b4dfe9a1b5d528572d586584162f8f5aeef%40%3Cusers.solr.apache.org%3E
32
reference_url https://lists.debian.org/debian-lts-announce/2018/01/msg00028.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2018/01/msg00028.html
33
reference_url https://s.apache.org/FJDl
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://s.apache.org/FJDl
34
reference_url https://twitter.com/ApacheSolr/status/918731485611401216
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://twitter.com/ApacheSolr/status/918731485611401216
35
reference_url https://twitter.com/joshbressers/status/919258716297420802
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://twitter.com/joshbressers/status/919258716297420802
36
reference_url https://twitter.com/searchtools_avi/status/918904813613543424
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://twitter.com/searchtools_avi/status/918904813613543424
37
reference_url https://usn.ubuntu.com/4259-1
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4259-1
38
reference_url https://www.debian.org/security/2018/dsa-4124
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2018/dsa-4124
39
reference_url https://www.exploit-db.com/exploits/43009
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.exploit-db.com/exploits/43009
40
reference_url https://www.exploit-db.com/exploits/43009/
reference_id
reference_type
scores
url https://www.exploit-db.com/exploits/43009/
41
reference_url http://www.securityfocus.com/bid/101261
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/101261
42
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1501529
reference_id 1501529
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1501529
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0.0:*:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.1.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.1.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.1.0:*:*:*:*:*:*:*
46
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
48
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
49
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
50
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
51
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
52
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/xml/webapps/43009.txt
reference_id CVE-2017-12629
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/xml/webapps/43009.txt
53
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-12629
reference_id CVE-2017-12629
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-12629
54
reference_url http://www.cvedetails.com/cve/CVE-2017-12629/
reference_id CVE-2017-12629
reference_type
scores
url http://www.cvedetails.com/cve/CVE-2017-12629/
55
reference_url https://access.redhat.com/errata/RHSA-2020:2561
reference_id RHSA-2020:2561
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2561
56
reference_url https://access.redhat.com/errata/RHSA-2023:1334
reference_id RHSA-2023:1334
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1334
57
reference_url https://usn.ubuntu.com/4259-1/
reference_id USN-4259-1
reference_type
scores
url https://usn.ubuntu.com/4259-1/
fixed_packages
0
url pkg:maven/org.apache.solr/solr-core@6.6.2
purl pkg:maven/org.apache.solr/solr-core@6.6.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3gq7-8e2z-yqcv
1
vulnerability VCID-3vmh-e7x6-3kf6
2
vulnerability VCID-4dgs-1mk2-5ubr
3
vulnerability VCID-5781-s1ny-q7ey
4
vulnerability VCID-835p-mav1-1qem
5
vulnerability VCID-a4yf-9j54-e3cp
6
vulnerability VCID-f12j-fvhp-quec
7
vulnerability VCID-ftx3-494m-hbee
8
vulnerability VCID-gfmc-r1h7-dfhs
9
vulnerability VCID-h9gm-dpgv-2yeh
10
vulnerability VCID-hpys-9ncu-3bgv
11
vulnerability VCID-jc41-ky5q-tkhv
12
vulnerability VCID-t4p6-84y8-kbbu
13
vulnerability VCID-tt7h-4geu-5bc9
14
vulnerability VCID-uaxq-nmwp-5uct
15
vulnerability VCID-v5ka-6bd4-33ft
16
vulnerability VCID-vkyg-mj2g-bqgp
17
vulnerability VCID-z2u5-9szx-vyax
18
vulnerability VCID-zrn1-s7ht-pbdt
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@6.6.2
1
url pkg:maven/org.apache.solr/solr-core@7.1.0
purl pkg:maven/org.apache.solr/solr-core@7.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3gq7-8e2z-yqcv
1
vulnerability VCID-3vmh-e7x6-3kf6
2
vulnerability VCID-4dgs-1mk2-5ubr
3
vulnerability VCID-5781-s1ny-q7ey
4
vulnerability VCID-835p-mav1-1qem
5
vulnerability VCID-a4yf-9j54-e3cp
6
vulnerability VCID-f12j-fvhp-quec
7
vulnerability VCID-ftx3-494m-hbee
8
vulnerability VCID-gfmc-r1h7-dfhs
9
vulnerability VCID-h9gm-dpgv-2yeh
10
vulnerability VCID-hpys-9ncu-3bgv
11
vulnerability VCID-jc41-ky5q-tkhv
12
vulnerability VCID-t4p6-84y8-kbbu
13
vulnerability VCID-tt7h-4geu-5bc9
14
vulnerability VCID-uaxq-nmwp-5uct
15
vulnerability VCID-v5ka-6bd4-33ft
16
vulnerability VCID-vkyg-mj2g-bqgp
17
vulnerability VCID-zrn1-s7ht-pbdt
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@7.1.0
aliases CVE-2017-12629, GHSA-mh7g-99w9-xpjm
risk_score 10.0
exploitability 2.0
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rys3-pnnk-a7e4
13
url VCID-t4p6-84y8-kbbu
vulnerability_id VCID-t4p6-84y8-kbbu
summary 
Apache Solr's Streaming Expressions allow users to extract data from other Solr Clouds
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Solr. This issue affects Apache Solr from 6.0.0 through 8.11.2, from 9.0.0 before 9.4.1.

Solr Streaming Expressions allows users to extract data from other Solr Clouds, using a "zkHost" parameter.

When original SolrCloud is setup to use ZooKeeper credentials and ACLs, they will be sent to whatever "zkHost" the user provides.

An attacker could setup a server to mock ZooKeeper, that accepts ZooKeeper requests with credentials and ACLs and extracts the sensitive information, then send a streaming expression using the mock server's address in "zkHost".

Streaming Expressions are exposed via the "/streaming" handler, with "read" permissions.

Users are recommended to upgrade to version 8.11.3 or 9.4.1, which fix the issue.

From these versions on, only zkHost values that have the same server address (regardless of chroot), will use the given ZooKeeper credentials and ACLs when connecting.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50298.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50298.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-50298
reference_id
reference_type
scores
0
value 0.00045
scoring_system epss
scoring_elements 0.13571
published_at 2026-04-16T12:55:00Z
1
value 0.00045
scoring_system epss
scoring_elements 0.1366
published_at 2026-04-13T12:55:00Z
2
value 0.00045
scoring_system epss
scoring_elements 0.13791
published_at 2026-04-02T12:55:00Z
3
value 0.00045
scoring_system epss
scoring_elements 0.13847
published_at 2026-04-04T12:55:00Z
4
value 0.00045
scoring_system epss
scoring_elements 0.13646
published_at 2026-04-07T12:55:00Z
5
value 0.00045
scoring_system epss
scoring_elements 0.13728
published_at 2026-04-08T12:55:00Z
6
value 0.00045
scoring_system epss
scoring_elements 0.13778
published_at 2026-04-09T12:55:00Z
7
value 0.00045
scoring_system epss
scoring_elements 0.1371
published_at 2026-04-12T12:55:00Z
8
value 0.00045
scoring_system epss
scoring_elements 0.13747
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-50298
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50298
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50298
3
reference_url https://github.com/apache/lucene-solr/commit/61c956c426b2cfb85ccef55d1afca4335eacd269
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/lucene-solr/commit/61c956c426b2cfb85ccef55d1afca4335eacd269
4
reference_url https://github.com/apache/solr
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/solr
5
reference_url https://github.com/apache/solr/commit/e2bf1f434aad873fbb24c21d46ac00e888806d98
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/solr/commit/e2bf1f434aad873fbb24c21d46ac00e888806d98
6
reference_url https://issues.apache.org/jira/browse/SOLR-17098
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/jira/browse/SOLR-17098
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-50298
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-50298
8
reference_url https://solr.apache.org/security.html#cve-2023-50298-apache-solr-can-expose-zookeeper-credentials-via-streaming-expressions
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-19T16:14:53Z/
url https://solr.apache.org/security.html#cve-2023-50298-apache-solr-can-expose-zookeeper-credentials-via-streaming-expressions
9
reference_url http://www.openwall.com/lists/oss-security/2024/02/09/2
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-19T16:14:53Z/
url http://www.openwall.com/lists/oss-security/2024/02/09/2
10
reference_url http://www.openwall.com/lists/oss-security/2024/02/09/3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-19T16:14:53Z/
url http://www.openwall.com/lists/oss-security/2024/02/09/3
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2263583
reference_id 2263583
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2263583
12
reference_url https://github.com/advisories/GHSA-xrj7-x7gp-wwqr
reference_id GHSA-xrj7-x7gp-wwqr
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xrj7-x7gp-wwqr
fixed_packages
0
url pkg:maven/org.apache.solr/solr-core@8.11.3
purl pkg:maven/org.apache.solr/solr-core@8.11.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3gq7-8e2z-yqcv
1
vulnerability VCID-418m-x1un-gufd
2
vulnerability VCID-5781-s1ny-q7ey
3
vulnerability VCID-uaxq-nmwp-5uct
4
vulnerability VCID-v5ka-6bd4-33ft
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@8.11.3
1
url pkg:maven/org.apache.solr/solr-core@9.4.1
purl pkg:maven/org.apache.solr/solr-core@9.4.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3gq7-8e2z-yqcv
1
vulnerability VCID-418m-x1un-gufd
2
vulnerability VCID-uaxq-nmwp-5uct
3
vulnerability VCID-v5ka-6bd4-33ft
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@9.4.1
aliases CVE-2023-50298, GHSA-xrj7-x7gp-wwqr
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t4p6-84y8-kbbu
14
url VCID-tt7h-4geu-5bc9
vulnerability_id VCID-tt7h-4geu-5bc9
summary 
XML External Entity (XXE) Injection in Apache Solr
In Apache Solr, the DataImportHandler, an optional but popular module to pull in data from databases and other sources, has a feature in which the whole DIH configuration can come from a request's "dataConfig" parameter. The debug mode of the DIH admin screen uses this to allow convenient debugging / development of a DIH config. Since a DIH config can contain scripts, this parameter is a security risk. Starting with version 8.2.0 of Solr, use of this parameter requires setting the Java System property "enable.dih.dataConfigParam" to true.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0193.json
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0193.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-0193
reference_id
reference_type
scores
0
value 0.93076
scoring_system epss
scoring_elements 0.9979
published_at 2026-04-07T12:55:00Z
1
value 0.93076
scoring_system epss
scoring_elements 0.99789
published_at 2026-04-01T12:55:00Z
2
value 0.93076
scoring_system epss
scoring_elements 0.99791
published_at 2026-04-11T12:55:00Z
3
value 0.93438
scoring_system epss
scoring_elements 0.99819
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-0193
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0193
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0193
3
reference_url https://github.com/apache/lucene-solr
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/lucene-solr
4
reference_url https://github.com/apache/lucene-solr/commit/02c693f3713add1b4891cbaa87127de3a55c10f7
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/lucene-solr/commit/02c693f3713add1b4891cbaa87127de3a55c10f7
5
reference_url https://issues.apache.org/jira/browse/SOLR-13669
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:04:18Z/
url https://issues.apache.org/jira/browse/SOLR-13669
6
reference_url https://lists.apache.org/thread.html/1addbb49a1fc0947fb32ca663d76d93cfaade35a4848a76d4b4ded9c@%3Cissues.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/1addbb49a1fc0947fb32ca663d76d93cfaade35a4848a76d4b4ded9c@%3Cissues.lucene.apache.org%3E
7
reference_url https://lists.apache.org/thread.html/1addbb49a1fc0947fb32ca663d76d93cfaade35a4848a76d4b4ded9c%40%3Cissues.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:04:18Z/
url https://lists.apache.org/thread.html/1addbb49a1fc0947fb32ca663d76d93cfaade35a4848a76d4b4ded9c%40%3Cissues.lucene.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/42cc4d334ba33905b872a0aa00d6a481391951c8b1450f01b077ce74@%3Cissues.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/42cc4d334ba33905b872a0aa00d6a481391951c8b1450f01b077ce74@%3Cissues.lucene.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/42cc4d334ba33905b872a0aa00d6a481391951c8b1450f01b077ce74%40%3Cissues.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:04:18Z/
url https://lists.apache.org/thread.html/42cc4d334ba33905b872a0aa00d6a481391951c8b1450f01b077ce74%40%3Cissues.lucene.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/55880d48e38ba9e8c41a3b9e41051dbfdef63b86b0cfeb32967edf03@%3Cissues.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/55880d48e38ba9e8c41a3b9e41051dbfdef63b86b0cfeb32967edf03@%3Cissues.lucene.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/55880d48e38ba9e8c41a3b9e41051dbfdef63b86b0cfeb32967edf03%40%3Cissues.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:04:18Z/
url https://lists.apache.org/thread.html/55880d48e38ba9e8c41a3b9e41051dbfdef63b86b0cfeb32967edf03%40%3Cissues.lucene.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/6f2d61bd8732224c5fd3bdd84798f8e01e4542d3ee2f527a52a81b83@%3Cissues.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/6f2d61bd8732224c5fd3bdd84798f8e01e4542d3ee2f527a52a81b83@%3Cissues.lucene.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/6f2d61bd8732224c5fd3bdd84798f8e01e4542d3ee2f527a52a81b83%40%3Cissues.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:04:18Z/
url https://lists.apache.org/thread.html/6f2d61bd8732224c5fd3bdd84798f8e01e4542d3ee2f527a52a81b83%40%3Cissues.lucene.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/7143983363f0ba463475be4a8b775077070a08dbf075449b7beb51ee@%3Cissues.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/7143983363f0ba463475be4a8b775077070a08dbf075449b7beb51ee@%3Cissues.lucene.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/7143983363f0ba463475be4a8b775077070a08dbf075449b7beb51ee%40%3Cissues.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:04:18Z/
url https://lists.apache.org/thread.html/7143983363f0ba463475be4a8b775077070a08dbf075449b7beb51ee%40%3Cissues.lucene.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/9b0e7a7e3e18d0724f511403b364fc082ff56e3134d84cfece1c82fc@%3Cissues.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/9b0e7a7e3e18d0724f511403b364fc082ff56e3134d84cfece1c82fc@%3Cissues.lucene.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/9b0e7a7e3e18d0724f511403b364fc082ff56e3134d84cfece1c82fc%40%3Cissues.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:04:18Z/
url https://lists.apache.org/thread.html/9b0e7a7e3e18d0724f511403b364fc082ff56e3134d84cfece1c82fc%40%3Cissues.lucene.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/a6e3c09dba52b86d3a1273f82425973e1b0623c415d0e4f121d89eab@%3Cissues.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/a6e3c09dba52b86d3a1273f82425973e1b0623c415d0e4f121d89eab@%3Cissues.lucene.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/a6e3c09dba52b86d3a1273f82425973e1b0623c415d0e4f121d89eab%40%3Cissues.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:04:18Z/
url https://lists.apache.org/thread.html/a6e3c09dba52b86d3a1273f82425973e1b0623c415d0e4f121d89eab%40%3Cissues.lucene.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E
21
reference_url https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:04:18Z/
url https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E
22
reference_url https://lists.apache.org/thread.html/e85f735fad06a0fb46e74b7e6e9ce7ded20b59637cd9f993310f814d@%3Cissues.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/e85f735fad06a0fb46e74b7e6e9ce7ded20b59637cd9f993310f814d@%3Cissues.lucene.apache.org%3E
23
reference_url https://lists.apache.org/thread.html/e85f735fad06a0fb46e74b7e6e9ce7ded20b59637cd9f993310f814d%40%3Cissues.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:04:18Z/
url https://lists.apache.org/thread.html/e85f735fad06a0fb46e74b7e6e9ce7ded20b59637cd9f993310f814d%40%3Cissues.lucene.apache.org%3E
24
reference_url https://lists.apache.org/thread.html/r140128dc6bb4f4e0b6a39e962c7ca25a8cbc8e48ed766176c931fccc@%3Cusers.solr.apache.org%3E
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r140128dc6bb4f4e0b6a39e962c7ca25a8cbc8e48ed766176c931fccc@%3Cusers.solr.apache.org%3E
25
reference_url https://lists.apache.org/thread.html/r140128dc6bb4f4e0b6a39e962c7ca25a8cbc8e48ed766176c931fccc%40%3Cusers.solr.apache.org%3E
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:04:18Z/
url https://lists.apache.org/thread.html/r140128dc6bb4f4e0b6a39e962c7ca25a8cbc8e48ed766176c931fccc%40%3Cusers.solr.apache.org%3E
26
reference_url https://lists.apache.org/thread.html/r19d23e8640236a3058b4d6c23e5cd663fde182255f5a9d63e0606a66@%3Cdev.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r19d23e8640236a3058b4d6c23e5cd663fde182255f5a9d63e0606a66@%3Cdev.lucene.apache.org%3E
27
reference_url https://lists.apache.org/thread.html/r19d23e8640236a3058b4d6c23e5cd663fde182255f5a9d63e0606a66%40%3Cdev.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:04:18Z/
url https://lists.apache.org/thread.html/r19d23e8640236a3058b4d6c23e5cd663fde182255f5a9d63e0606a66%40%3Cdev.lucene.apache.org%3E
28
reference_url https://lists.apache.org/thread.html/r1d4a247329a8478073163567bbc8c8cb6b49c6bfc2bf58153a857af1@%3Ccommits.druid.apache.org%3E
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r1d4a247329a8478073163567bbc8c8cb6b49c6bfc2bf58153a857af1@%3Ccommits.druid.apache.org%3E
29
reference_url https://lists.apache.org/thread.html/r1d4a247329a8478073163567bbc8c8cb6b49c6bfc2bf58153a857af1%40%3Ccommits.druid.apache.org%3E
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:04:18Z/
url https://lists.apache.org/thread.html/r1d4a247329a8478073163567bbc8c8cb6b49c6bfc2bf58153a857af1%40%3Ccommits.druid.apache.org%3E
30
reference_url https://lists.apache.org/thread.html/r339865b276614661770c909be1dd7e862232e3ef0af98bfd85686b51@%3Cdev.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r339865b276614661770c909be1dd7e862232e3ef0af98bfd85686b51@%3Cdev.lucene.apache.org%3E
31
reference_url https://lists.apache.org/thread.html/r339865b276614661770c909be1dd7e862232e3ef0af98bfd85686b51%40%3Cdev.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:04:18Z/
url https://lists.apache.org/thread.html/r339865b276614661770c909be1dd7e862232e3ef0af98bfd85686b51%40%3Cdev.lucene.apache.org%3E
32
reference_url https://lists.apache.org/thread.html/r33aed7ad4ee9833c4190a44e2b106efd2deb19504b85e012175540f6@%3Cissues.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r33aed7ad4ee9833c4190a44e2b106efd2deb19504b85e012175540f6@%3Cissues.lucene.apache.org%3E
33
reference_url https://lists.apache.org/thread.html/r33aed7ad4ee9833c4190a44e2b106efd2deb19504b85e012175540f6%40%3Cissues.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:04:18Z/
url https://lists.apache.org/thread.html/r33aed7ad4ee9833c4190a44e2b106efd2deb19504b85e012175540f6%40%3Cissues.lucene.apache.org%3E
34
reference_url https://lists.apache.org/thread.html/r3da74965aba2b5f5744b7289ad447306eeb2940c872801819faa9314@%3Cusers.solr.apache.org%3E
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r3da74965aba2b5f5744b7289ad447306eeb2940c872801819faa9314@%3Cusers.solr.apache.org%3E
35
reference_url https://lists.apache.org/thread.html/r3da74965aba2b5f5744b7289ad447306eeb2940c872801819faa9314%40%3Cusers.solr.apache.org%3E
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:04:18Z/
url https://lists.apache.org/thread.html/r3da74965aba2b5f5744b7289ad447306eeb2940c872801819faa9314%40%3Cusers.solr.apache.org%3E
36
reference_url https://lists.apache.org/thread.html/r95df34bb158375948da82b4dfe9a1b5d528572d586584162f8f5aeef@%3Cusers.solr.apache.org%3E
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r95df34bb158375948da82b4dfe9a1b5d528572d586584162f8f5aeef@%3Cusers.solr.apache.org%3E
37
reference_url https://lists.apache.org/thread.html/r95df34bb158375948da82b4dfe9a1b5d528572d586584162f8f5aeef%40%3Cusers.solr.apache.org%3E
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:04:18Z/
url https://lists.apache.org/thread.html/r95df34bb158375948da82b4dfe9a1b5d528572d586584162f8f5aeef%40%3Cusers.solr.apache.org%3E
38
reference_url https://lists.apache.org/thread.html/rb34d820c21f1708c351f9035d6bc7daf80bfb6ef99b34f7af1d2f699@%3Cissues.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb34d820c21f1708c351f9035d6bc7daf80bfb6ef99b34f7af1d2f699@%3Cissues.lucene.apache.org%3E
39
reference_url https://lists.apache.org/thread.html/rb34d820c21f1708c351f9035d6bc7daf80bfb6ef99b34f7af1d2f699%40%3Cissues.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:04:18Z/
url https://lists.apache.org/thread.html/rb34d820c21f1708c351f9035d6bc7daf80bfb6ef99b34f7af1d2f699%40%3Cissues.lucene.apache.org%3E
40
reference_url https://lists.apache.org/thread.html/rc400db37710ee79378b6c52de3640493ff538c2beb41cefdbbdf2ab8@%3Ccommits.submarine.apache.org%3E
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rc400db37710ee79378b6c52de3640493ff538c2beb41cefdbbdf2ab8@%3Ccommits.submarine.apache.org%3E
41
reference_url https://lists.apache.org/thread.html/rc400db37710ee79378b6c52de3640493ff538c2beb41cefdbbdf2ab8%40%3Ccommits.submarine.apache.org%3E
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:04:18Z/
url https://lists.apache.org/thread.html/rc400db37710ee79378b6c52de3640493ff538c2beb41cefdbbdf2ab8%40%3Ccommits.submarine.apache.org%3E
42
reference_url https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E
43
reference_url https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:04:18Z/
url https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E
44
reference_url https://lists.debian.org/debian-lts-announce/2019/10/msg00013.html
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:04:18Z/
url https://lists.debian.org/debian-lts-announce/2019/10/msg00013.html
45
reference_url https://lists.debian.org/debian-lts-announce/2020/08/msg00025.html
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:H
1
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-06T21:04:18Z/
url https://lists.debian.org/debian-lts-announce/2020/08/msg00025.html
46
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-0193
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-0193
47
reference_url https://snyk.io/vuln/SNYK-JAVA-ORGAPACHESOLR-536063
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://snyk.io/vuln/SNYK-JAVA-ORGAPACHESOLR-536063
48
reference_url https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-0193
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-0193
49
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1736774
reference_id 1736774
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1736774
50
reference_url https://github.com/advisories/GHSA-3gm7-v7vw-866c
reference_id GHSA-3gm7-v7vw-866c
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3gm7-v7vw-866c
51
reference_url https://usn.ubuntu.com/7283-1/
reference_id USN-7283-1
reference_type
scores
url https://usn.ubuntu.com/7283-1/
fixed_packages
0
url pkg:maven/org.apache.solr/solr-core@8.2.0
purl pkg:maven/org.apache.solr/solr-core@8.2.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1m9m-xudm-47hw
1
vulnerability VCID-3gq7-8e2z-yqcv
2
vulnerability VCID-3vmh-e7x6-3kf6
3
vulnerability VCID-4dgs-1mk2-5ubr
4
vulnerability VCID-5781-s1ny-q7ey
5
vulnerability VCID-835p-mav1-1qem
6
vulnerability VCID-a4yf-9j54-e3cp
7
vulnerability VCID-ftx3-494m-hbee
8
vulnerability VCID-hpys-9ncu-3bgv
9
vulnerability VCID-jc41-ky5q-tkhv
10
vulnerability VCID-t4p6-84y8-kbbu
11
vulnerability VCID-uaxq-nmwp-5uct
12
vulnerability VCID-v5ka-6bd4-33ft
13
vulnerability VCID-zrn1-s7ht-pbdt
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@8.2.0
aliases CVE-2019-0193, GHSA-3gm7-v7vw-866c
risk_score 10.0
exploitability 2.0
weighted_severity 8.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tt7h-4geu-5bc9
15
url VCID-v5ka-6bd4-33ft
vulnerability_id VCID-v5ka-6bd4-33ft
summary 
Apache Solr vulnerable to Execution with Unnecessary Privileges
Core creation allows users to replace "trusted" configset files with arbitrary configuration

Solr instances that (1) use the "FileSystemConfigSetService" component (the default in "standalone" or "user-managed" mode), and (2) are running without authentication and authorization are vulnerable to a sort of privilege escalation wherein individual "trusted" configset files can be ignored in favor of potentially-untrusted replacements available elsewhere on the filesystem.  These replacement config files are treated as "trusted" and can use "<lib>" tags to add to Solr's classpath, which an attacker might use to load malicious code as a searchComponent or other plugin.

This issue affects all Apache Solr versions up through Solr 9.7.  Users can protect against the vulnerability by enabling authentication and authorization on their Solr clusters or switching to SolrCloud (and away from "FileSystemConfigSetService").  Users are also recommended to upgrade to Solr 9.8.0, which mitigates this issue by disabling use of "<lib>" tags by default.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-24814.json
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-24814.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-24814
reference_id
reference_type
scores
0
value 0.00777
scoring_system epss
scoring_elements 0.73671
published_at 2026-04-16T12:55:00Z
1
value 0.00777
scoring_system epss
scoring_elements 0.73627
published_at 2026-04-13T12:55:00Z
2
value 0.00777
scoring_system epss
scoring_elements 0.73635
published_at 2026-04-12T12:55:00Z
3
value 0.00777
scoring_system epss
scoring_elements 0.73653
published_at 2026-04-11T12:55:00Z
4
value 0.00777
scoring_system epss
scoring_elements 0.73631
published_at 2026-04-09T12:55:00Z
5
value 0.00777
scoring_system epss
scoring_elements 0.73618
published_at 2026-04-08T12:55:00Z
6
value 0.00777
scoring_system epss
scoring_elements 0.73582
published_at 2026-04-07T12:55:00Z
7
value 0.00777
scoring_system epss
scoring_elements 0.73586
published_at 2026-04-02T12:55:00Z
8
value 0.00777
scoring_system epss
scoring_elements 0.73609
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-24814
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24814
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24814
3
reference_url https://github.com/apache/solr
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/solr
4
reference_url https://github.com/apache/solr/commit/f492e24881c5724a1b1baecfc9549e2cb0257525
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/solr/commit/f492e24881c5724a1b1baecfc9549e2cb0257525
5
reference_url https://issues.apache.org/jira/browse/SOLR-16781
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/jira/browse/SOLR-16781
6
reference_url https://lists.apache.org/thread/gl291pn8x9f9n52ys5l0pc0b6qtf0qw1
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value 7.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-27T14:10:58Z/
url https://lists.apache.org/thread/gl291pn8x9f9n52ys5l0pc0b6qtf0qw1
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-24814
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-24814
8
reference_url https://security.netapp.com/advisory/ntap-20250214-0002
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20250214-0002
9
reference_url http://www.openwall.com/lists/oss-security/2025/01/26/1
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2025/01/26/1
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2342221
reference_id 2342221
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2342221
11
reference_url https://github.com/advisories/GHSA-68r2-fwcg-qpm8
reference_id GHSA-68r2-fwcg-qpm8
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-68r2-fwcg-qpm8
fixed_packages
0
url pkg:maven/org.apache.solr/solr-core@9.8.0
purl pkg:maven/org.apache.solr/solr-core@9.8.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3gq7-8e2z-yqcv
1
vulnerability VCID-418m-x1un-gufd
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@9.8.0
aliases CVE-2025-24814, GHSA-68r2-fwcg-qpm8
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v5ka-6bd4-33ft
16
url VCID-vkyg-mj2g-bqgp
vulnerability_id VCID-vkyg-mj2g-bqgp
summary This vulnerability in Apache Solr 6.0.0 to 6.6.4 and 7.0.0 to 7.3.1 relates to an XML external entity expansion (XXE) in Solr config files (currency.xml, enumsConfig.xml referred from schema.xml, TIKA parsecontext config file). In addition, Xinclude functionality provided in these config files is also affected in a similar way. The vulnerability can be used as XXE using file/ftp/http protocols in order to read arbitrary local files from the Solr server or the internal network. The manipulated files can be uploaded as configsets using Solr's API, allowing to exploit that vulnerability.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8026.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8026.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-8026
reference_id
reference_type
scores
0
value 0.04341
scoring_system epss
scoring_elements 0.88947
published_at 2026-04-16T12:55:00Z
1
value 0.04341
scoring_system epss
scoring_elements 0.88939
published_at 2026-04-11T12:55:00Z
2
value 0.04341
scoring_system epss
scoring_elements 0.88933
published_at 2026-04-13T12:55:00Z
3
value 0.04341
scoring_system epss
scoring_elements 0.88934
published_at 2026-04-12T12:55:00Z
4
value 0.04341
scoring_system epss
scoring_elements 0.88878
published_at 2026-04-01T12:55:00Z
5
value 0.04341
scoring_system epss
scoring_elements 0.88886
published_at 2026-04-02T12:55:00Z
6
value 0.04341
scoring_system epss
scoring_elements 0.88901
published_at 2026-04-04T12:55:00Z
7
value 0.04341
scoring_system epss
scoring_elements 0.88904
published_at 2026-04-07T12:55:00Z
8
value 0.04341
scoring_system epss
scoring_elements 0.88922
published_at 2026-04-08T12:55:00Z
9
value 0.04341
scoring_system epss
scoring_elements 0.88927
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-8026
2
reference_url https://github.com/advisories/GHSA-7px3-6f6g-hxcj
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-7px3-6f6g-hxcj
3
reference_url https://github.com/apache/lucene-solr/commit/1880d4824e6c5f98170b9a00aad1d437ee2aa12
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/lucene-solr/commit/1880d4824e6c5f98170b9a00aad1d437ee2aa12
4
reference_url https://github.com/apache/lucene-solr/commit/3aa6086ed99fa7158d423dc7c33dae6da466b09
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/lucene-solr/commit/3aa6086ed99fa7158d423dc7c33dae6da466b09
5
reference_url https://github.com/apache/lucene-solr/commit/d1baf6ba593561f39e2da0a71a8440797005b55
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/lucene-solr/commit/d1baf6ba593561f39e2da0a71a8440797005b55
6
reference_url https://github.com/apache/lucene-solr/commit/e21d4937e0637c7b7949ac463f331da9a42c07f
reference_id
reference_type
scores
url https://github.com/apache/lucene-solr/commit/e21d4937e0637c7b7949ac463f331da9a42c07f
7
reference_url https://github.com/apache/lucene-solr/commit/e5407c5a9710247e5f728aae36224a245a51f0b
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/lucene-solr/commit/e5407c5a9710247e5f728aae36224a245a51f0b
8
reference_url https://issues.apache.org/jira/browse/SOLR-12450
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/jira/browse/SOLR-12450
9
reference_url https://mail-archives.apache.org/mod_mbox/lucene-solr-user/201807.mbox/%3C0cdc01d413b7%24f97ba580%24ec72f080%24%40apache.org%3E
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://mail-archives.apache.org/mod_mbox/lucene-solr-user/201807.mbox/%3C0cdc01d413b7%24f97ba580%24ec72f080%24%40apache.org%3E
10
reference_url https://security.netapp.com/advisory/ntap-20190307-0002
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20190307-0002
11
reference_url https://security.netapp.com/advisory/ntap-20190307-0002/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20190307-0002/
12
reference_url http://www.securityfocus.com/bid/104690
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/104690
13
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1598621
reference_id 1598621
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1598621
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*
reference_id cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*
reference_id cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-8026
reference_id CVE-2018-8026
reference_type
scores
0
value 2.1
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:N/C:P/I:N/A:N
1
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
2
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-8026
fixed_packages
0
url pkg:maven/org.apache.solr/solr-core@6.6.5
purl pkg:maven/org.apache.solr/solr-core@6.6.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3gq7-8e2z-yqcv
1
vulnerability VCID-3vmh-e7x6-3kf6
2
vulnerability VCID-4dgs-1mk2-5ubr
3
vulnerability VCID-5781-s1ny-q7ey
4
vulnerability VCID-835p-mav1-1qem
5
vulnerability VCID-a4yf-9j54-e3cp
6
vulnerability VCID-f12j-fvhp-quec
7
vulnerability VCID-ftx3-494m-hbee
8
vulnerability VCID-hpys-9ncu-3bgv
9
vulnerability VCID-jc41-ky5q-tkhv
10
vulnerability VCID-t4p6-84y8-kbbu
11
vulnerability VCID-tt7h-4geu-5bc9
12
vulnerability VCID-uaxq-nmwp-5uct
13
vulnerability VCID-v5ka-6bd4-33ft
14
vulnerability VCID-z2u5-9szx-vyax
15
vulnerability VCID-zrn1-s7ht-pbdt
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@6.6.5
1
url pkg:maven/org.apache.solr/solr-core@7.4.0
purl pkg:maven/org.apache.solr/solr-core@7.4.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3gq7-8e2z-yqcv
1
vulnerability VCID-3vmh-e7x6-3kf6
2
vulnerability VCID-4dgs-1mk2-5ubr
3
vulnerability VCID-5781-s1ny-q7ey
4
vulnerability VCID-835p-mav1-1qem
5
vulnerability VCID-a4yf-9j54-e3cp
6
vulnerability VCID-f12j-fvhp-quec
7
vulnerability VCID-ftx3-494m-hbee
8
vulnerability VCID-hpys-9ncu-3bgv
9
vulnerability VCID-jc41-ky5q-tkhv
10
vulnerability VCID-t4p6-84y8-kbbu
11
vulnerability VCID-tt7h-4geu-5bc9
12
vulnerability VCID-uaxq-nmwp-5uct
13
vulnerability VCID-v5ka-6bd4-33ft
14
vulnerability VCID-zrn1-s7ht-pbdt
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@7.4.0
aliases CVE-2018-8026, GHSA-7px3-6f6g-hxcj
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vkyg-mj2g-bqgp
17
url VCID-xypj-xu8p-gkbs
vulnerability_id VCID-xypj-xu8p-gkbs
summary Apache Solr's Kerberos plugin can be configured to use delegation tokens, which allows an application to reuse the authentication of an end-user or another application. There are two issues with this functionality (when using SecurityAwareZkACLProvider type of ACL provider e.g. SaslZkACLProvider). Firstly, access to the security configuration can be leaked to users other than the solr super user. Secondly, malicious users can exploit this leaked configuration for privilege escalation to further expose/modify private data and/or disrupt operations in the Solr cluster. The vulnerability is fixed from Apache Solr 6.6.1 onwards.
references
0
reference_url http://mail-archives.us.apache.org/mod_mbox/www-announce/201709.mbox/%3CCAOOKt53AOScg04zUh0%2BR_fcXD0C9s5mQ-OzdgYdnHz49u1KmXw%40mail.gmail.com%3E
reference_id
reference_type
scores
url http://mail-archives.us.apache.org/mod_mbox/www-announce/201709.mbox/%3CCAOOKt53AOScg04zUh0%2BR_fcXD0C9s5mQ-OzdgYdnHz49u1KmXw%40mail.gmail.com%3E
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9803.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9803.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-9803
reference_id
reference_type
scores
0
value 0.01546
scoring_system epss
scoring_elements 0.81433
published_at 2026-04-16T12:55:00Z
1
value 0.01546
scoring_system epss
scoring_elements 0.81331
published_at 2026-04-01T12:55:00Z
2
value 0.01546
scoring_system epss
scoring_elements 0.81341
published_at 2026-04-02T12:55:00Z
3
value 0.01546
scoring_system epss
scoring_elements 0.81363
published_at 2026-04-04T12:55:00Z
4
value 0.01546
scoring_system epss
scoring_elements 0.81361
published_at 2026-04-07T12:55:00Z
5
value 0.01546
scoring_system epss
scoring_elements 0.8139
published_at 2026-04-08T12:55:00Z
6
value 0.01546
scoring_system epss
scoring_elements 0.81395
published_at 2026-04-09T12:55:00Z
7
value 0.01546
scoring_system epss
scoring_elements 0.81416
published_at 2026-04-11T12:55:00Z
8
value 0.01546
scoring_system epss
scoring_elements 0.81404
published_at 2026-04-12T12:55:00Z
9
value 0.01546
scoring_system epss
scoring_elements 0.81397
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-9803
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9803
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9803
4
reference_url https://github.com/apache/lucene-solr/commit/b091934f9e98568b848d0584a1145c8e514cbd21
reference_id
reference_type
scores
url https://github.com/apache/lucene-solr/commit/b091934f9e98568b848d0584a1145c8e514cbd21
5
reference_url https://issues.apache.org/jira/browse/SOLR-11184
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/jira/browse/SOLR-11184
6
reference_url https://lists.apache.org/thread/f4rbt657n9x4kb74k1txhcojof5dzol5
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread/f4rbt657n9x4kb74k1txhcojof5dzol5
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-9803
reference_id
reference_type
scores
0
value 6.0
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:S/C:P/I:P/A:P
1
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
2
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-9803
8
reference_url http://www.securityfocus.com/bid/100870
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/100870
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1493507
reference_id 1493507
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1493507
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:solr:6.2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:solr:6.2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:solr:6.2.0:*:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:solr:6.2.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:solr:6.2.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:solr:6.2.1:*:*:*:*:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:solr:6.3.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:solr:6.3.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:solr:6.3.0:*:*:*:*:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:solr:6.4.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:solr:6.4.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:solr:6.4.0:*:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:solr:6.4.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:solr:6.4.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:solr:6.4.1:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:solr:6.4.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:solr:6.4.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:solr:6.4.2:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:solr:6.5.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:solr:6.5.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:solr:6.5.0:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:solr:6.5.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:solr:6.5.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:solr:6.5.1:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:solr:6.6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:solr:6.6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:solr:6.6.0:*:*:*:*:*:*:*
19
reference_url https://github.com/advisories/GHSA-f553-j2gv-g5r9
reference_id GHSA-f553-j2gv-g5r9
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-f553-j2gv-g5r9
fixed_packages
0
url pkg:maven/org.apache.solr/solr-core@6.6.1
purl pkg:maven/org.apache.solr/solr-core@6.6.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3gq7-8e2z-yqcv
1
vulnerability VCID-3vmh-e7x6-3kf6
2
vulnerability VCID-4dgs-1mk2-5ubr
3
vulnerability VCID-5781-s1ny-q7ey
4
vulnerability VCID-835p-mav1-1qem
5
vulnerability VCID-a4yf-9j54-e3cp
6
vulnerability VCID-f12j-fvhp-quec
7
vulnerability VCID-ftx3-494m-hbee
8
vulnerability VCID-gfmc-r1h7-dfhs
9
vulnerability VCID-h9gm-dpgv-2yeh
10
vulnerability VCID-hpys-9ncu-3bgv
11
vulnerability VCID-jc41-ky5q-tkhv
12
vulnerability VCID-rys3-pnnk-a7e4
13
vulnerability VCID-t4p6-84y8-kbbu
14
vulnerability VCID-tt7h-4geu-5bc9
15
vulnerability VCID-uaxq-nmwp-5uct
16
vulnerability VCID-v5ka-6bd4-33ft
17
vulnerability VCID-vkyg-mj2g-bqgp
18
vulnerability VCID-z2u5-9szx-vyax
19
vulnerability VCID-zrn1-s7ht-pbdt
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@6.6.1
aliases CVE-2017-9803, GHSA-f553-j2gv-g5r9
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xypj-xu8p-gkbs
18
url VCID-z2u5-9szx-vyax
vulnerability_id VCID-z2u5-9szx-vyax
summary 
Deserialization of Untrusted Data
In Apache Solr versions, the Config API allows to configure the JMX server via an HTTP POST request. By pointing it to a malicious RMI server, an attacker could take advantage of Solr's unsafe deserialization to trigger remote code execution on the Solr side.
references
0
reference_url http://mail-archives.us.apache.org/mod_mbox/www-announce/201903.mbox/%3CCAECwjAV1buZwg%2BMcV9EAQ19MeAWztPVJYD4zGK8kQdADFYij1w%40mail.gmail.com%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://mail-archives.us.apache.org/mod_mbox/www-announce/201903.mbox/%3CCAECwjAV1buZwg%2BMcV9EAQ19MeAWztPVJYD4zGK8kQdADFYij1w%40mail.gmail.com%3E
1
reference_url https://access.redhat.com/errata/RHSA-2019:2413
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:2413
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0192.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0192.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-0192
reference_id
reference_type
scores
0
value 0.93545
scoring_system epss
scoring_elements 0.99828
published_at 2026-04-09T12:55:00Z
1
value 0.93545
scoring_system epss
scoring_elements 0.99829
published_at 2026-04-11T12:55:00Z
2
value 0.93545
scoring_system epss
scoring_elements 0.9983
published_at 2026-04-13T12:55:00Z
3
value 0.93545
scoring_system epss
scoring_elements 0.99831
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-0192
4
reference_url https://github.com/advisories/GHSA-xhcq-fv7x-grr2
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-xhcq-fv7x-grr2
5
reference_url https://lists.apache.org/thread.html/42c5682f4acd1d03bd963e4f47ae448d7cff66c16b19142773818892@%3Cdev.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/42c5682f4acd1d03bd963e4f47ae448d7cff66c16b19142773818892@%3Cdev.lucene.apache.org%3E
6
reference_url https://lists.apache.org/thread.html/42c5682f4acd1d03bd963e4f47ae448d7cff66c16b19142773818892%40%3Cdev.lucene.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/42c5682f4acd1d03bd963e4f47ae448d7cff66c16b19142773818892%40%3Cdev.lucene.apache.org%3E
7
reference_url https://lists.apache.org/thread.html/53e4744b14fb7f1810405f8ff5531ab0953a23dd09ce8071ce87e00d@%3Cdev.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/53e4744b14fb7f1810405f8ff5531ab0953a23dd09ce8071ce87e00d@%3Cdev.lucene.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/53e4744b14fb7f1810405f8ff5531ab0953a23dd09ce8071ce87e00d%40%3Cdev.lucene.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/53e4744b14fb7f1810405f8ff5531ab0953a23dd09ce8071ce87e00d%40%3Cdev.lucene.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/b0ace855f569c6b7a0b03ba68566e53b1a1a519abd536bf38978ce4a@%3Cdev.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b0ace855f569c6b7a0b03ba68566e53b1a1a519abd536bf38978ce4a@%3Cdev.lucene.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/b0ace855f569c6b7a0b03ba68566e53b1a1a519abd536bf38978ce4a%40%3Cdev.lucene.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/b0ace855f569c6b7a0b03ba68566e53b1a1a519abd536bf38978ce4a%40%3Cdev.lucene.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/d0e608c681dfbb16b4da68d99d43fa0ddbd366bb3bcf5bc0d43c56d7@%3Cdev.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/d0e608c681dfbb16b4da68d99d43fa0ddbd366bb3bcf5bc0d43c56d7@%3Cdev.lucene.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/d0e608c681dfbb16b4da68d99d43fa0ddbd366bb3bcf5bc0d43c56d7%40%3Cdev.lucene.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/d0e608c681dfbb16b4da68d99d43fa0ddbd366bb3bcf5bc0d43c56d7%40%3Cdev.lucene.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/ec9c572fb803b26ba0318777977ee6d6a2fb3a2c50d9b4224e541d5d@%3Cdev.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/ec9c572fb803b26ba0318777977ee6d6a2fb3a2c50d9b4224e541d5d@%3Cdev.lucene.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/ec9c572fb803b26ba0318777977ee6d6a2fb3a2c50d9b4224e541d5d%40%3Cdev.lucene.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/ec9c572fb803b26ba0318777977ee6d6a2fb3a2c50d9b4224e541d5d%40%3Cdev.lucene.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/rc400db37710ee79378b6c52de3640493ff538c2beb41cefdbbdf2ab8@%3Ccommits.submarine.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rc400db37710ee79378b6c52de3640493ff538c2beb41cefdbbdf2ab8@%3Ccommits.submarine.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/rc400db37710ee79378b6c52de3640493ff538c2beb41cefdbbdf2ab8%40%3Ccommits.submarine.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rc400db37710ee79378b6c52de3640493ff538c2beb41cefdbbdf2ab8%40%3Ccommits.submarine.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E
21
reference_url https://security.netapp.com/advisory/ntap-20190327-0003
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20190327-0003
22
reference_url https://security.netapp.com/advisory/ntap-20190327-0003/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20190327-0003/
23
reference_url https://www.oracle.com/security-alerts/cpuoct2020.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuoct2020.html
24
reference_url https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
25
reference_url http://www.securityfocus.com/bid/107318
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/107318
26
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1692345
reference_id 1692345
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1692345
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*
reference_id cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-0192
reference_id CVE-2019-0192
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-0192
fixed_packages
0
url pkg:maven/org.apache.solr/solr-core@6.6.6
purl pkg:maven/org.apache.solr/solr-core@6.6.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3gq7-8e2z-yqcv
1
vulnerability VCID-3vmh-e7x6-3kf6
2
vulnerability VCID-4dgs-1mk2-5ubr
3
vulnerability VCID-5781-s1ny-q7ey
4
vulnerability VCID-835p-mav1-1qem
5
vulnerability VCID-a4yf-9j54-e3cp
6
vulnerability VCID-f12j-fvhp-quec
7
vulnerability VCID-ftx3-494m-hbee
8
vulnerability VCID-hpys-9ncu-3bgv
9
vulnerability VCID-jc41-ky5q-tkhv
10
vulnerability VCID-jugm-3s3r-8kf8
11
vulnerability VCID-t4p6-84y8-kbbu
12
vulnerability VCID-tt7h-4geu-5bc9
13
vulnerability VCID-uaxq-nmwp-5uct
14
vulnerability VCID-v5ka-6bd4-33ft
15
vulnerability VCID-zrn1-s7ht-pbdt
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@6.6.6
1
url pkg:maven/org.apache.solr/solr-core@7.0.0
purl pkg:maven/org.apache.solr/solr-core@7.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3gq7-8e2z-yqcv
1
vulnerability VCID-3vmh-e7x6-3kf6
2
vulnerability VCID-4dgs-1mk2-5ubr
3
vulnerability VCID-5781-s1ny-q7ey
4
vulnerability VCID-835p-mav1-1qem
5
vulnerability VCID-a4yf-9j54-e3cp
6
vulnerability VCID-f12j-fvhp-quec
7
vulnerability VCID-ftx3-494m-hbee
8
vulnerability VCID-gfmc-r1h7-dfhs
9
vulnerability VCID-h9gm-dpgv-2yeh
10
vulnerability VCID-hpys-9ncu-3bgv
11
vulnerability VCID-jc41-ky5q-tkhv
12
vulnerability VCID-jugm-3s3r-8kf8
13
vulnerability VCID-rys3-pnnk-a7e4
14
vulnerability VCID-t4p6-84y8-kbbu
15
vulnerability VCID-tt7h-4geu-5bc9
16
vulnerability VCID-uaxq-nmwp-5uct
17
vulnerability VCID-v5ka-6bd4-33ft
18
vulnerability VCID-vkyg-mj2g-bqgp
19
vulnerability VCID-vsgv-kss4-nqcb
20
vulnerability VCID-zrn1-s7ht-pbdt
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@7.0.0
aliases CVE-2019-0192, GHSA-xhcq-fv7x-grr2
risk_score 10.0
exploitability 2.0
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z2u5-9szx-vyax
19
url VCID-zrn1-s7ht-pbdt
vulnerability_id VCID-zrn1-s7ht-pbdt
summary 
Improper permission handling in Apache Solr
When starting Apache Solr versions prior to 8.8.2, configured with the SaslZkACLProvider or VMParamsAllAndReadonlyDigestZkACLProvider and no existing security.json znode, if the optional read-only user is configured then Solr would not treat that node as a sensitive path and would allow it to be readable. Additionally, with any ZkACLProvider, if the security.json is already present, Solr will not automatically update the ACLs.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29262.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29262.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-29262
reference_id
reference_type
scores
0
value 0.26231
scoring_system epss
scoring_elements 0.96308
published_at 2026-04-16T12:55:00Z
1
value 0.26231
scoring_system epss
scoring_elements 0.96259
published_at 2026-04-01T12:55:00Z
2
value 0.26231
scoring_system epss
scoring_elements 0.96299
published_at 2026-04-13T12:55:00Z
3
value 0.26231
scoring_system epss
scoring_elements 0.96295
published_at 2026-04-12T12:55:00Z
4
value 0.26231
scoring_system epss
scoring_elements 0.96296
published_at 2026-04-11T12:55:00Z
5
value 0.26231
scoring_system epss
scoring_elements 0.96291
published_at 2026-04-09T12:55:00Z
6
value 0.26231
scoring_system epss
scoring_elements 0.96288
published_at 2026-04-08T12:55:00Z
7
value 0.26231
scoring_system epss
scoring_elements 0.96279
published_at 2026-04-07T12:55:00Z
8
value 0.26231
scoring_system epss
scoring_elements 0.96274
published_at 2026-04-04T12:55:00Z
9
value 0.26231
scoring_system epss
scoring_elements 0.96267
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-29262
2
reference_url https://issues.apache.org/jira/browse/SOLR-15249
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/jira/browse/SOLR-15249
3
reference_url https://lists.apache.org/thread.html/r1171f6417eeb6d5e1206d53e2b2ff2d6ee14026f8b595ef7d8a33b79@%3Coak-issues.jackrabbit.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r1171f6417eeb6d5e1206d53e2b2ff2d6ee14026f8b595ef7d8a33b79@%3Coak-issues.jackrabbit.apache.org%3E
4
reference_url https://lists.apache.org/thread.html/r1e92a2eff6c47a65c4a6e95e809a9707181de76f8062403a0bea1012@%3Coak-issues.jackrabbit.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r1e92a2eff6c47a65c4a6e95e809a9707181de76f8062403a0bea1012@%3Coak-issues.jackrabbit.apache.org%3E
5
reference_url https://lists.apache.org/thread.html/r51b29ff62060b67bc9999ded5e252b36b09311fe5a02d27f6de3e4d3@%3Coak-issues.jackrabbit.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r51b29ff62060b67bc9999ded5e252b36b09311fe5a02d27f6de3e4d3@%3Coak-issues.jackrabbit.apache.org%3E
6
reference_url https://lists.apache.org/thread.html/r536da4c4e4e406f7843461cc754a3d0a3fe575aa576e2b71a9cd57d0%40%3Cannounce.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r536da4c4e4e406f7843461cc754a3d0a3fe575aa576e2b71a9cd57d0%40%3Cannounce.apache.org%3E
7
reference_url https://lists.apache.org/thread.html/r7151081abab92a827a607205c4260b0a3d22280b52d15bc909177608@%3Coak-issues.jackrabbit.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r7151081abab92a827a607205c4260b0a3d22280b52d15bc909177608@%3Coak-issues.jackrabbit.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/r8d35eeb9a470d2682b5bcf3be0b8942faa7e28f9ca5861c058d17fff@%3Coak-issues.jackrabbit.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r8d35eeb9a470d2682b5bcf3be0b8942faa7e28f9ca5861c058d17fff@%3Coak-issues.jackrabbit.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/r9c4ce6903218c92ef2583070e64af5a69e483821c4b3016dc41e3c6f@%3Coak-issues.jackrabbit.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r9c4ce6903218c92ef2583070e64af5a69e483821c4b3016dc41e3c6f@%3Coak-issues.jackrabbit.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/rb6db683903174eaa44ec80cc118a38574319b0d4181f36b61ee6278f@%3Cdev.jackrabbit.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb6db683903174eaa44ec80cc118a38574319b0d4181f36b61ee6278f@%3Cdev.jackrabbit.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/rbc680cbfd745f22d182158217428a296e8e398cde16f3f428fe4bddc@%3Coak-issues.jackrabbit.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rbc680cbfd745f22d182158217428a296e8e398cde16f3f428fe4bddc@%3Coak-issues.jackrabbit.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/rd85f87e559ee27e9c69795e3ad93a77621895e0328ea3df41d711d72@%3Coak-commits.jackrabbit.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rd85f87e559ee27e9c69795e3ad93a77621895e0328ea3df41d711d72@%3Coak-commits.jackrabbit.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/ref84e60192f4bdc3206b247f260513e8d4e71f3e200792f75386d07a@%3Cdev.jackrabbit.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/ref84e60192f4bdc3206b247f260513e8d4e71f3e200792f75386d07a@%3Cdev.jackrabbit.apache.org%3E
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-29262
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-29262
15
reference_url https://security.netapp.com/advisory/ntap-20210604-0009
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20210604-0009
16
reference_url https://security.netapp.com/advisory/ntap-20210604-0009/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20210604-0009/
17
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1949520
reference_id 1949520
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1949520
18
reference_url https://security.archlinux.org/AVG-1808
reference_id AVG-1808
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1808
19
reference_url https://github.com/advisories/GHSA-jgcr-fg3g-qvw8
reference_id GHSA-jgcr-fg3g-qvw8
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jgcr-fg3g-qvw8
fixed_packages
0
url pkg:maven/org.apache.solr/solr-core@8.8.2
purl pkg:maven/org.apache.solr/solr-core@8.8.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3gq7-8e2z-yqcv
1
vulnerability VCID-418m-x1un-gufd
2
vulnerability VCID-5781-s1ny-q7ey
3
vulnerability VCID-a4yf-9j54-e3cp
4
vulnerability VCID-hpys-9ncu-3bgv
5
vulnerability VCID-jc41-ky5q-tkhv
6
vulnerability VCID-t4p6-84y8-kbbu
7
vulnerability VCID-uaxq-nmwp-5uct
8
vulnerability VCID-v5ka-6bd4-33ft
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@8.8.2
aliases CVE-2021-29262, GHSA-jgcr-fg3g-qvw8
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zrn1-s7ht-pbdt
Fixing_vulnerabilities
0
url VCID-ke61-vddr-4udk
vulnerability_id VCID-ke61-vddr-4udk
summary When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.
references
0
reference_url http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3163
reference_id
reference_type
scores
url http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3163
1
reference_url https://access.redhat.com/errata/RHSA-2018:1447
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:1447
2
reference_url https://access.redhat.com/errata/RHSA-2018:1448
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:1448
3
reference_url https://access.redhat.com/errata/RHSA-2018:1449
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:1449
4
reference_url https://access.redhat.com/errata/RHSA-2018:1450
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:1450
5
reference_url https://access.redhat.com/errata/RHSA-2018:1451
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:1451
6
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3163.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3163.json
7
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-3163
reference_id
reference_type
scores
0
value 0.16448
scoring_system epss
scoring_elements 0.94878
published_at 2026-04-09T12:55:00Z
1
value 0.16448
scoring_system epss
scoring_elements 0.94894
published_at 2026-04-16T12:55:00Z
2
value 0.16448
scoring_system epss
scoring_elements 0.9486
published_at 2026-04-02T12:55:00Z
3
value 0.16448
scoring_system epss
scoring_elements 0.94863
published_at 2026-04-04T12:55:00Z
4
value 0.16448
scoring_system epss
scoring_elements 0.94865
published_at 2026-04-07T12:55:00Z
5
value 0.16448
scoring_system epss
scoring_elements 0.94874
published_at 2026-04-08T12:55:00Z
6
value 0.16448
scoring_system epss
scoring_elements 0.94887
published_at 2026-04-13T12:55:00Z
7
value 0.16448
scoring_system epss
scoring_elements 0.94885
published_at 2026-04-12T12:55:00Z
8
value 0.16448
scoring_system epss
scoring_elements 0.94882
published_at 2026-04-11T12:55:00Z
9
value 0.16448
scoring_system epss
scoring_elements 0.9485
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-3163
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12629
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12629
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3163
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3163
10
reference_url https://github.com/advisories/GHSA-387v-84cv-9qmc
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-387v-84cv-9qmc
11
reference_url https://github.com/apache/lucene-solr/commit/3a4f885b18bc963a8326c752bd229497908f1db
reference_id
reference_type
scores
url https://github.com/apache/lucene-solr/commit/3a4f885b18bc963a8326c752bd229497908f1db
12
reference_url https://github.com/apache/lucene-solr/commit/6f598d24692a89da9b5b671be6cf4b947aa39266
reference_id
reference_type
scores
url https://github.com/apache/lucene-solr/commit/6f598d24692a89da9b5b671be6cf4b947aa39266
13
reference_url https://github.com/apache/lucene-solr/commit/7088137d52256354a52ed86547b9faa0e704293
reference_id
reference_type
scores
url https://github.com/apache/lucene-solr/commit/7088137d52256354a52ed86547b9faa0e704293
14
reference_url https://github.com/apache/lucene-solr/commit/ae789c252687dc8a18bfdb677f2e6cd14570e4d
reference_id
reference_type
scores
url https://github.com/apache/lucene-solr/commit/ae789c252687dc8a18bfdb677f2e6cd14570e4d
15
reference_url https://issues.apache.org/jira/browse/SOLR-10031
reference_id
reference_type
scores
url https://issues.apache.org/jira/browse/SOLR-10031
16
reference_url https://lists.apache.org/thread.html/a6a33a186f293f9f9aecf3bd39c76252bfc49a79de4321dd2a53b488@%3Csolr-user.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/a6a33a186f293f9f9aecf3bd39c76252bfc49a79de4321dd2a53b488@%3Csolr-user.lucene.apache.org%3E
17
reference_url https://www.debian.org/security/2018/dsa-4124
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2018/dsa-4124
18
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1454783
reference_id 1454783
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1454783
19
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867712
reference_id 867712
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867712
20
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-3163
reference_id CVE-2017-3163
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-3163
fixed_packages
0
url pkg:maven/org.apache.solr/solr-core@5.5.4
purl pkg:maven/org.apache.solr/solr-core@5.5.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3gq7-8e2z-yqcv
1
vulnerability VCID-3vmh-e7x6-3kf6
2
vulnerability VCID-4dgs-1mk2-5ubr
3
vulnerability VCID-5781-s1ny-q7ey
4
vulnerability VCID-a4yf-9j54-e3cp
5
vulnerability VCID-f12j-fvhp-quec
6
vulnerability VCID-ftx3-494m-hbee
7
vulnerability VCID-h9gm-dpgv-2yeh
8
vulnerability VCID-r413-tvjg-mfh3
9
vulnerability VCID-rys3-pnnk-a7e4
10
vulnerability VCID-tt7h-4geu-5bc9
11
vulnerability VCID-v5ka-6bd4-33ft
12
vulnerability VCID-xypj-xu8p-gkbs
13
vulnerability VCID-z2u5-9szx-vyax
14
vulnerability VCID-zrn1-s7ht-pbdt
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@5.5.4
1
url pkg:maven/org.apache.solr/solr-core@6.4.1
purl pkg:maven/org.apache.solr/solr-core@6.4.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3gq7-8e2z-yqcv
1
vulnerability VCID-3vmh-e7x6-3kf6
2
vulnerability VCID-4dgs-1mk2-5ubr
3
vulnerability VCID-5781-s1ny-q7ey
4
vulnerability VCID-a4yf-9j54-e3cp
5
vulnerability VCID-f12j-fvhp-quec
6
vulnerability VCID-ftx3-494m-hbee
7
vulnerability VCID-gfmc-r1h7-dfhs
8
vulnerability VCID-h9gm-dpgv-2yeh
9
vulnerability VCID-hpys-9ncu-3bgv
10
vulnerability VCID-jc41-ky5q-tkhv
11
vulnerability VCID-r413-tvjg-mfh3
12
vulnerability VCID-rys3-pnnk-a7e4
13
vulnerability VCID-t4p6-84y8-kbbu
14
vulnerability VCID-tt7h-4geu-5bc9
15
vulnerability VCID-v5ka-6bd4-33ft
16
vulnerability VCID-vkyg-mj2g-bqgp
17
vulnerability VCID-xypj-xu8p-gkbs
18
vulnerability VCID-z2u5-9szx-vyax
19
vulnerability VCID-zrn1-s7ht-pbdt
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@6.4.1
aliases CVE-2017-3163, GHSA-387v-84cv-9qmc
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ke61-vddr-4udk
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@6.4.1