Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/lucene-solr@3.6.2%2Bdfsg-2?distro=trixie
Typedeb
Namespacedebian
Namelucene-solr
Version3.6.2+dfsg-2
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version3.6.2+dfsg-11
Latest_non_vulnerable_version3.6.2+dfsg-27
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-3f1v-ypty-mygx
vulnerability_id VCID-3f1v-ypty-mygx
summary The (1) UpdateRequestHandler for XSLT or (2) XPathEntityProcessor in Apache Solr before 4.1 allows remote attackers to have an unspecified impact via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, different vectors than CVE-2013-6407.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2013-1844.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-1844.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2014-0029.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-0029.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6612.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6612.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-6612
reference_id
reference_type
scores
0
value 0.01357
scoring_system epss
scoring_elements 0.80159
published_at 2026-04-18T12:55:00Z
1
value 0.01357
scoring_system epss
scoring_elements 0.80129
published_at 2026-04-13T12:55:00Z
2
value 0.01357
scoring_system epss
scoring_elements 0.80137
published_at 2026-04-12T12:55:00Z
3
value 0.01357
scoring_system epss
scoring_elements 0.80152
published_at 2026-04-11T12:55:00Z
4
value 0.01357
scoring_system epss
scoring_elements 0.80082
published_at 2026-04-01T12:55:00Z
5
value 0.01357
scoring_system epss
scoring_elements 0.80089
published_at 2026-04-02T12:55:00Z
6
value 0.01357
scoring_system epss
scoring_elements 0.80134
published_at 2026-04-09T12:55:00Z
7
value 0.01357
scoring_system epss
scoring_elements 0.8011
published_at 2026-04-04T12:55:00Z
8
value 0.01357
scoring_system epss
scoring_elements 0.80127
published_at 2026-04-08T12:55:00Z
9
value 0.01357
scoring_system epss
scoring_elements 0.80098
published_at 2026-04-07T12:55:00Z
10
value 0.01357
scoring_system epss
scoring_elements 0.80162
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-6612
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6612
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6612
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6397
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6397
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6407
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6407
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6408
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6408
8
reference_url https://github.com/apache/lucene-solr
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/lucene-solr
9
reference_url https://github.com/apache/lucene-solr/commit/0d21b900975b7048d2e925d852aeacb9bdc6766c
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/lucene-solr/commit/0d21b900975b7048d2e925d852aeacb9bdc6766c
10
reference_url https://github.com/apache/lucene-solr/commit/f230486ce6707762c1a6e81655d0fac52887906d
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/lucene-solr/commit/f230486ce6707762c1a6e81655d0fac52887906d
11
reference_url https://issues.apache.org/jira/browse/SOLR-3895
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/jira/browse/SOLR-3895
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-6612
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-6612
13
reference_url http://svn.apache.org/viewvc/lucene/dev/branches/branch_4x/solr/CHANGES.txt?view=markup
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc/lucene/dev/branches/branch_4x/solr/CHANGES.txt?view=markup
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1035981
reference_id 1035981
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1035981
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=731113
reference_id 731113
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=731113
16
reference_url https://github.com/advisories/GHSA-6cpj-3g83-q2j4
reference_id GHSA-6cpj-3g83-q2j4
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6cpj-3g83-q2j4
17
reference_url https://access.redhat.com/errata/RHSA-2013:1844
reference_id RHSA-2013:1844
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:1844
18
reference_url https://access.redhat.com/errata/RHSA-2014:0029
reference_id RHSA-2014:0029
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0029
fixed_packages
0
url pkg:deb/debian/lucene-solr@3.6.2%2Bdfsg-2?distro=trixie
purl pkg:deb/debian/lucene-solr@3.6.2%2Bdfsg-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/lucene-solr@3.6.2%252Bdfsg-2%3Fdistro=trixie
1
url pkg:deb/debian/lucene-solr@3.6.2%2Bdfsg-24?distro=trixie
purl pkg:deb/debian/lucene-solr@3.6.2%2Bdfsg-24?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/lucene-solr@3.6.2%252Bdfsg-24%3Fdistro=trixie
2
url pkg:deb/debian/lucene-solr@3.6.2%2Bdfsg-26?distro=trixie
purl pkg:deb/debian/lucene-solr@3.6.2%2Bdfsg-26?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/lucene-solr@3.6.2%252Bdfsg-26%3Fdistro=trixie
3
url pkg:deb/debian/lucene-solr@3.6.2%2Bdfsg-27?distro=trixie
purl pkg:deb/debian/lucene-solr@3.6.2%2Bdfsg-27?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/lucene-solr@3.6.2%252Bdfsg-27%3Fdistro=trixie
aliases CVE-2012-6612, GHSA-6cpj-3g83-q2j4
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3f1v-ypty-mygx
1
url VCID-5tq3-rye7-nygg
vulnerability_id VCID-5tq3-rye7-nygg
summary The UpdateRequestHandler for XML in Apache Solr before 4.1 allows remote attackers to have an unspecified impact via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2013-1844.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-1844.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2014-0029.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-0029.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6407.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6407.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-6407
reference_id
reference_type
scores
0
value 0.11391
scoring_system epss
scoring_elements 0.9359
published_at 2026-04-21T12:55:00Z
1
value 0.11391
scoring_system epss
scoring_elements 0.93534
published_at 2026-04-02T12:55:00Z
2
value 0.11391
scoring_system epss
scoring_elements 0.93542
published_at 2026-04-04T12:55:00Z
3
value 0.11391
scoring_system epss
scoring_elements 0.93543
published_at 2026-04-07T12:55:00Z
4
value 0.11391
scoring_system epss
scoring_elements 0.93552
published_at 2026-04-08T12:55:00Z
5
value 0.11391
scoring_system epss
scoring_elements 0.93555
published_at 2026-04-09T12:55:00Z
6
value 0.11391
scoring_system epss
scoring_elements 0.93561
published_at 2026-04-13T12:55:00Z
7
value 0.11391
scoring_system epss
scoring_elements 0.9356
published_at 2026-04-12T12:55:00Z
8
value 0.11391
scoring_system epss
scoring_elements 0.9358
published_at 2026-04-16T12:55:00Z
9
value 0.11391
scoring_system epss
scoring_elements 0.93585
published_at 2026-04-18T12:55:00Z
10
value 0.11391
scoring_system epss
scoring_elements 0.93526
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-6407
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6612
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6612
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6397
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6397
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6407
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6407
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6408
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6408
8
reference_url http://secunia.com/advisories/55542
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/55542
9
reference_url http://secunia.com/advisories/59372
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://secunia.com/advisories/59372
10
reference_url https://github.com/apache/lucene-solr
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/lucene-solr
11
reference_url https://github.com/apache/lucene-solr/commit/f230486ce6707762c1a6e81655d0fac52887906d
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/lucene-solr/commit/f230486ce6707762c1a6e81655d0fac52887906d
12
reference_url https://issues.apache.org/jira/browse/SOLR-3895
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/jira/browse/SOLR-3895
13
reference_url https://issues.apache.org/jira/browse/SOLR-5520
reference_id
reference_type
scores
url https://issues.apache.org/jira/browse/SOLR-5520
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-6407
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-6407
15
reference_url http://svn.apache.org/viewvc/lucene/dev/branches/branch_4x/solr/CHANGES.txt?view=markup
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc/lucene/dev/branches/branch_4x/solr/CHANGES.txt?view=markup
16
reference_url http://www.openwall.com/lists/oss-security/2013/11/29/2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2013/11/29/2
17
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1035981
reference_id 1035981
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1035981
18
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=731113
reference_id 731113
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=731113
19
reference_url https://bugzilla.redhat.com/CVE-2013-6407
reference_id CVE-2013-6407
reference_type
scores
url https://bugzilla.redhat.com/CVE-2013-6407
20
reference_url https://github.com/advisories/GHSA-998j-j6v9-5846
reference_id GHSA-998j-j6v9-5846
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-998j-j6v9-5846
21
reference_url https://access.redhat.com/errata/RHSA-2013:1844
reference_id RHSA-2013:1844
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:1844
22
reference_url https://access.redhat.com/errata/RHSA-2014:0029
reference_id RHSA-2014:0029
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0029
fixed_packages
0
url pkg:deb/debian/lucene-solr@3.6.2%2Bdfsg-2?distro=trixie
purl pkg:deb/debian/lucene-solr@3.6.2%2Bdfsg-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/lucene-solr@3.6.2%252Bdfsg-2%3Fdistro=trixie
1
url pkg:deb/debian/lucene-solr@3.6.2%2Bdfsg-24?distro=trixie
purl pkg:deb/debian/lucene-solr@3.6.2%2Bdfsg-24?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/lucene-solr@3.6.2%252Bdfsg-24%3Fdistro=trixie
2
url pkg:deb/debian/lucene-solr@3.6.2%2Bdfsg-26?distro=trixie
purl pkg:deb/debian/lucene-solr@3.6.2%2Bdfsg-26?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/lucene-solr@3.6.2%252Bdfsg-26%3Fdistro=trixie
3
url pkg:deb/debian/lucene-solr@3.6.2%2Bdfsg-27?distro=trixie
purl pkg:deb/debian/lucene-solr@3.6.2%2Bdfsg-27?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/lucene-solr@3.6.2%252Bdfsg-27%3Fdistro=trixie
aliases CVE-2013-6407, GHSA-998j-j6v9-5846
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5tq3-rye7-nygg
2
url VCID-rym5-bjyc-nybu
vulnerability_id VCID-rym5-bjyc-nybu
summary The DocumentAnalysisRequestHandler in Apache Solr before 4.3.1 does not properly use the EmptyEntityResolver, which allows remote attackers to have an unspecified impact via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-6407.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2013-1844.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-1844.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2014-0029.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-0029.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6408.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6408.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-6408
reference_id
reference_type
scores
0
value 0.11391
scoring_system epss
scoring_elements 0.93585
published_at 2026-04-18T12:55:00Z
1
value 0.11391
scoring_system epss
scoring_elements 0.9358
published_at 2026-04-16T12:55:00Z
2
value 0.11391
scoring_system epss
scoring_elements 0.9356
published_at 2026-04-12T12:55:00Z
3
value 0.11391
scoring_system epss
scoring_elements 0.93561
published_at 2026-04-13T12:55:00Z
4
value 0.11391
scoring_system epss
scoring_elements 0.93526
published_at 2026-04-01T12:55:00Z
5
value 0.11391
scoring_system epss
scoring_elements 0.93534
published_at 2026-04-02T12:55:00Z
6
value 0.11391
scoring_system epss
scoring_elements 0.93555
published_at 2026-04-09T12:55:00Z
7
value 0.11391
scoring_system epss
scoring_elements 0.93542
published_at 2026-04-04T12:55:00Z
8
value 0.11391
scoring_system epss
scoring_elements 0.93552
published_at 2026-04-08T12:55:00Z
9
value 0.11391
scoring_system epss
scoring_elements 0.93543
published_at 2026-04-07T12:55:00Z
10
value 0.11391
scoring_system epss
scoring_elements 0.9359
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-6408
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6612
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6612
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6397
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6397
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6407
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6407
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6408
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6408
8
reference_url https://github.com/apache/lucene-solr
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/lucene-solr
9
reference_url https://github.com/apache/lucene-solr/commit/7239a57a51ea0f4d05dd330ce5e15e4f72f72747
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/lucene-solr/commit/7239a57a51ea0f4d05dd330ce5e15e4f72f72747
10
reference_url https://issues.apache.org/jira/browse/SOLR-4881
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/jira/browse/SOLR-4881
11
reference_url https://issues.apache.org/jira/browse/SOLR-5520
reference_id
reference_type
scores
url https://issues.apache.org/jira/browse/SOLR-5520
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-6408
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-6408
13
reference_url http://svn.apache.org/viewvc/lucene/dev/branches/branch_4x/solr/CHANGES.txt?view=markup
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://svn.apache.org/viewvc/lucene/dev/branches/branch_4x/solr/CHANGES.txt?view=markup
14
reference_url http://www.openwall.com/lists/oss-security/2013/11/29/2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2013/11/29/2
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1035985
reference_id 1035985
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1035985
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=731113
reference_id 731113
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=731113
17
reference_url https://bugzilla.redhat.com/CVE-2013-6408
reference_id CVE-2013-6408
reference_type
scores
url https://bugzilla.redhat.com/CVE-2013-6408
18
reference_url https://github.com/advisories/GHSA-45w3-2hvv-pfxq
reference_id GHSA-45w3-2hvv-pfxq
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-45w3-2hvv-pfxq
19
reference_url https://access.redhat.com/errata/RHSA-2013:1844
reference_id RHSA-2013:1844
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:1844
20
reference_url https://access.redhat.com/errata/RHSA-2014:0029
reference_id RHSA-2014:0029
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0029
fixed_packages
0
url pkg:deb/debian/lucene-solr@3.6.2%2Bdfsg-2?distro=trixie
purl pkg:deb/debian/lucene-solr@3.6.2%2Bdfsg-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/lucene-solr@3.6.2%252Bdfsg-2%3Fdistro=trixie
1
url pkg:deb/debian/lucene-solr@3.6.2%2Bdfsg-24?distro=trixie
purl pkg:deb/debian/lucene-solr@3.6.2%2Bdfsg-24?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/lucene-solr@3.6.2%252Bdfsg-24%3Fdistro=trixie
2
url pkg:deb/debian/lucene-solr@3.6.2%2Bdfsg-26?distro=trixie
purl pkg:deb/debian/lucene-solr@3.6.2%2Bdfsg-26?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/lucene-solr@3.6.2%252Bdfsg-26%3Fdistro=trixie
3
url pkg:deb/debian/lucene-solr@3.6.2%2Bdfsg-27?distro=trixie
purl pkg:deb/debian/lucene-solr@3.6.2%2Bdfsg-27?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/lucene-solr@3.6.2%252Bdfsg-27%3Fdistro=trixie
aliases CVE-2013-6408, GHSA-45w3-2hvv-pfxq
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rym5-bjyc-nybu
3
url VCID-wke8-9ysk-akc2
vulnerability_id VCID-wke8-9ysk-akc2
summary Directory traversal vulnerability in SolrResourceLoader in Apache Solr before 4.6 allows remote attackers to read arbitrary files via a .. (dot dot) or full pathname in the tr parameter to solr/select/, when the response writer (wt parameter) is set to XSLT. NOTE: this can be leveraged using a separate XXE (XML eXternal Entity) vulnerability to allow access to files across restricted network boundaries.
references
0
reference_url http://lucene.apache.org/solr/4_6_0/changes/Changes.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lucene.apache.org/solr/4_6_0/changes/Changes.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2013-1844.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-1844.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2014-0029.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-0029.html
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6397.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6397.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-6397
reference_id
reference_type
scores
0
value 0.90931
scoring_system epss
scoring_elements 0.99637
published_at 2026-04-21T12:55:00Z
1
value 0.92173
scoring_system epss
scoring_elements 0.99709
published_at 2026-04-04T12:55:00Z
2
value 0.92173
scoring_system epss
scoring_elements 0.99708
published_at 2026-04-02T12:55:00Z
3
value 0.92173
scoring_system epss
scoring_elements 0.99713
published_at 2026-04-18T12:55:00Z
4
value 0.92173
scoring_system epss
scoring_elements 0.99712
published_at 2026-04-13T12:55:00Z
5
value 0.92173
scoring_system epss
scoring_elements 0.99711
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-6397
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6612
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6612
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6397
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6397
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6407
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6407
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6408
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6408
9
reference_url https://github.com/apache/lucene-solr
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/lucene-solr
10
reference_url https://github.com/apache/lucene-solr/commit/da34b18cb3092df4972e2b6fa5178d1059923910
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/lucene-solr/commit/da34b18cb3092df4972e2b6fa5178d1059923910
11
reference_url https://issues.apache.org/jira/browse/SOLR-4882
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/jira/browse/SOLR-4882
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-6397
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-6397
13
reference_url https://web.archive.org/web/20170307173358/http://www.securityfocus.com/bid/63935
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20170307173358/http://www.securityfocus.com/bid/63935
14
reference_url http://www.agarri.fr/kom/archives/2013/11/27/compromising_an_unreachable_solr_server_with_cve-2013-6397/index.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.agarri.fr/kom/archives/2013/11/27/compromising_an_unreachable_solr_server_with_cve-2013-6397/index.html
15
reference_url http://www.openwall.com/lists/oss-security/2013/11/27/1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2013/11/27/1
16
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1035062
reference_id 1035062
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1035062
17
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=731113
reference_id 731113
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=731113
18
reference_url https://bugzilla.redhat.com/CVE-2013-6397
reference_id CVE-2013-6397
reference_type
scores
url https://bugzilla.redhat.com/CVE-2013-6397
19
reference_url https://github.com/advisories/GHSA-j8qw-mwmv-28cg
reference_id GHSA-j8qw-mwmv-28cg
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-j8qw-mwmv-28cg
20
reference_url https://access.redhat.com/errata/RHSA-2013:1844
reference_id RHSA-2013:1844
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:1844
21
reference_url https://access.redhat.com/errata/RHSA-2014:0029
reference_id RHSA-2014:0029
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0029
fixed_packages
0
url pkg:deb/debian/lucene-solr@3.6.2%2Bdfsg-2?distro=trixie
purl pkg:deb/debian/lucene-solr@3.6.2%2Bdfsg-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/lucene-solr@3.6.2%252Bdfsg-2%3Fdistro=trixie
1
url pkg:deb/debian/lucene-solr@3.6.2%2Bdfsg-24?distro=trixie
purl pkg:deb/debian/lucene-solr@3.6.2%2Bdfsg-24?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/lucene-solr@3.6.2%252Bdfsg-24%3Fdistro=trixie
2
url pkg:deb/debian/lucene-solr@3.6.2%2Bdfsg-26?distro=trixie
purl pkg:deb/debian/lucene-solr@3.6.2%2Bdfsg-26?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/lucene-solr@3.6.2%252Bdfsg-26%3Fdistro=trixie
3
url pkg:deb/debian/lucene-solr@3.6.2%2Bdfsg-27?distro=trixie
purl pkg:deb/debian/lucene-solr@3.6.2%2Bdfsg-27?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/lucene-solr@3.6.2%252Bdfsg-27%3Fdistro=trixie
aliases CVE-2013-6397, GHSA-j8qw-mwmv-28cg
risk_score 10.0
exploitability 2.0
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wke8-9ysk-akc2
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/lucene-solr@3.6.2%252Bdfsg-2%3Fdistro=trixie