Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-zseq-ezs2-wbhu

Summary Remote code execution is possible in Apache Solr.

Aliases

alias	CVE-2017-12629

alias	GHSA-mh7g-99w9-xpjm

Fixed_packages

url	pkg:deb/debian/lucene-solr@3.6.2%2Bdfsg-11?distro=trixie
purl	pkg:deb/debian/lucene-solr@3.6.2%2Bdfsg-11?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/lucene-solr@3.6.2%252Bdfsg-11%3Fdistro=trixie

url	pkg:deb/debian/lucene-solr@3.6.2%2Bdfsg-24?distro=trixie
purl	pkg:deb/debian/lucene-solr@3.6.2%2Bdfsg-24?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/lucene-solr@3.6.2%252Bdfsg-24%3Fdistro=trixie

url	pkg:deb/debian/lucene-solr@3.6.2%2Bdfsg-26?distro=trixie
purl	pkg:deb/debian/lucene-solr@3.6.2%2Bdfsg-26?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/lucene-solr@3.6.2%252Bdfsg-26%3Fdistro=trixie

url	pkg:deb/debian/lucene-solr@3.6.2%2Bdfsg-27?distro=trixie
purl	pkg:deb/debian/lucene-solr@3.6.2%2Bdfsg-27?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/lucene-solr@3.6.2%252Bdfsg-27%3Fdistro=trixie

url pkg:maven/org.apache.solr/solr-core@5.5.5

purl pkg:maven/org.apache.solr/solr-core@5.5.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3zcs-eg6f-fubn

vulnerability	VCID-69cb-ed9r-guda

vulnerability	VCID-atn8-a9f2-hqbq

vulnerability	VCID-de4p-g9a9-1fcd

vulnerability	VCID-f12z-qhkn-qyhb

vulnerability	VCID-g95c-rfw6-kqgs

vulnerability	VCID-n5hy-aw33-skh2

vulnerability	VCID-vdk1-r552-kqhh

vulnerability	VCID-x81k-2zr1-b7c3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@5.5.5

url pkg:maven/org.apache.solr/solr-core@6.6.2

purl pkg:maven/org.apache.solr/solr-core@6.6.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3zcs-eg6f-fubn

vulnerability	VCID-45ku-xn2x-3fdg

vulnerability	VCID-69cb-ed9r-guda

vulnerability	VCID-de4p-g9a9-1fcd

vulnerability	VCID-f12z-qhkn-qyhb

vulnerability	VCID-g95c-rfw6-kqgs

vulnerability	VCID-n5hy-aw33-skh2

vulnerability	VCID-vdk1-r552-kqhh

vulnerability	VCID-w2ku-uvwz-4bhx

vulnerability	VCID-x81k-2zr1-b7c3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@6.6.2

url pkg:maven/org.apache.solr/solr-core@7.1.0

purl pkg:maven/org.apache.solr/solr-core@7.1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3zcs-eg6f-fubn

vulnerability	VCID-45ku-xn2x-3fdg

vulnerability	VCID-69cb-ed9r-guda

vulnerability	VCID-de4p-g9a9-1fcd

vulnerability	VCID-f12z-qhkn-qyhb

vulnerability	VCID-n5hy-aw33-skh2

vulnerability	VCID-vdk1-r552-kqhh

vulnerability	VCID-w2ku-uvwz-4bhx

vulnerability	VCID-x81k-2zr1-b7c3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@7.1.0

Affected_packages

url pkg:maven/org.apache.solr/solr-core@5.5.0

purl pkg:maven/org.apache.solr/solr-core@5.5.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2nwy-8r1n-y7cc

vulnerability	VCID-3zcs-eg6f-fubn

vulnerability	VCID-69cb-ed9r-guda

vulnerability	VCID-atn8-a9f2-hqbq

vulnerability	VCID-de4p-g9a9-1fcd

vulnerability	VCID-f12z-qhkn-qyhb

vulnerability	VCID-g95c-rfw6-kqgs

vulnerability	VCID-hcng-56xk-tuar

vulnerability	VCID-n5hy-aw33-skh2

vulnerability	VCID-vdk1-r552-kqhh

vulnerability	VCID-x81k-2zr1-b7c3

vulnerability	VCID-zseq-ezs2-wbhu

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@5.5.0

url pkg:maven/org.apache.solr/solr-core@5.5.1

purl pkg:maven/org.apache.solr/solr-core@5.5.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2nwy-8r1n-y7cc

vulnerability	VCID-3zcs-eg6f-fubn

vulnerability	VCID-69cb-ed9r-guda

vulnerability	VCID-atn8-a9f2-hqbq

vulnerability	VCID-de4p-g9a9-1fcd

vulnerability	VCID-f12z-qhkn-qyhb

vulnerability	VCID-g95c-rfw6-kqgs

vulnerability	VCID-hcng-56xk-tuar

vulnerability	VCID-n5hy-aw33-skh2

vulnerability	VCID-vdk1-r552-kqhh

vulnerability	VCID-x81k-2zr1-b7c3

vulnerability	VCID-zseq-ezs2-wbhu

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@5.5.1

url pkg:maven/org.apache.solr/solr-core@5.5.2

purl pkg:maven/org.apache.solr/solr-core@5.5.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2nwy-8r1n-y7cc

vulnerability	VCID-3zcs-eg6f-fubn

vulnerability	VCID-69cb-ed9r-guda

vulnerability	VCID-atn8-a9f2-hqbq

vulnerability	VCID-de4p-g9a9-1fcd

vulnerability	VCID-f12z-qhkn-qyhb

vulnerability	VCID-g95c-rfw6-kqgs

vulnerability	VCID-hcng-56xk-tuar

vulnerability	VCID-n5hy-aw33-skh2

vulnerability	VCID-vdk1-r552-kqhh

vulnerability	VCID-x81k-2zr1-b7c3

vulnerability	VCID-zseq-ezs2-wbhu

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@5.5.2

url pkg:maven/org.apache.solr/solr-core@5.5.3

purl pkg:maven/org.apache.solr/solr-core@5.5.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2nwy-8r1n-y7cc

vulnerability	VCID-3zcs-eg6f-fubn

vulnerability	VCID-69cb-ed9r-guda

vulnerability	VCID-atn8-a9f2-hqbq

vulnerability	VCID-de4p-g9a9-1fcd

vulnerability	VCID-f12z-qhkn-qyhb

vulnerability	VCID-g95c-rfw6-kqgs

vulnerability	VCID-hcng-56xk-tuar

vulnerability	VCID-n5hy-aw33-skh2

vulnerability	VCID-vdk1-r552-kqhh

vulnerability	VCID-x81k-2zr1-b7c3

vulnerability	VCID-zseq-ezs2-wbhu

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@5.5.3

url pkg:maven/org.apache.solr/solr-core@5.5.4

purl pkg:maven/org.apache.solr/solr-core@5.5.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3zcs-eg6f-fubn

vulnerability	VCID-69cb-ed9r-guda

vulnerability	VCID-atn8-a9f2-hqbq

vulnerability	VCID-de4p-g9a9-1fcd

vulnerability	VCID-f12z-qhkn-qyhb

vulnerability	VCID-g95c-rfw6-kqgs

vulnerability	VCID-hcng-56xk-tuar

vulnerability	VCID-n5hy-aw33-skh2

vulnerability	VCID-vdk1-r552-kqhh

vulnerability	VCID-x81k-2zr1-b7c3

vulnerability	VCID-zseq-ezs2-wbhu

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@5.5.4

url pkg:maven/org.apache.solr/solr-core@6.0.0

purl pkg:maven/org.apache.solr/solr-core@6.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2nwy-8r1n-y7cc

vulnerability	VCID-3zcs-eg6f-fubn

vulnerability	VCID-45ku-xn2x-3fdg

vulnerability	VCID-48q3-wmzu-33fq

vulnerability	VCID-4rb6-pu4t-r3c4

vulnerability	VCID-69cb-ed9r-guda

vulnerability	VCID-atn8-a9f2-hqbq

vulnerability	VCID-de4p-g9a9-1fcd

vulnerability	VCID-f12z-qhkn-qyhb

vulnerability	VCID-g95c-rfw6-kqgs

vulnerability	VCID-hcng-56xk-tuar

vulnerability	VCID-n5hy-aw33-skh2

vulnerability	VCID-th9k-npsc-mqax

vulnerability	VCID-vdk1-r552-kqhh

vulnerability	VCID-w2ku-uvwz-4bhx

vulnerability	VCID-x81k-2zr1-b7c3

vulnerability	VCID-zseq-ezs2-wbhu

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@6.0.0

url pkg:maven/org.apache.solr/solr-core@6.0.1

purl pkg:maven/org.apache.solr/solr-core@6.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2nwy-8r1n-y7cc

vulnerability	VCID-3zcs-eg6f-fubn

vulnerability	VCID-45ku-xn2x-3fdg

vulnerability	VCID-69cb-ed9r-guda

vulnerability	VCID-atn8-a9f2-hqbq

vulnerability	VCID-de4p-g9a9-1fcd

vulnerability	VCID-f12z-qhkn-qyhb

vulnerability	VCID-g95c-rfw6-kqgs

vulnerability	VCID-hcng-56xk-tuar

vulnerability	VCID-n5hy-aw33-skh2

vulnerability	VCID-vdk1-r552-kqhh

vulnerability	VCID-w2ku-uvwz-4bhx

vulnerability	VCID-x81k-2zr1-b7c3

vulnerability	VCID-zseq-ezs2-wbhu

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@6.0.1

url pkg:maven/org.apache.solr/solr-core@6.1.0

purl pkg:maven/org.apache.solr/solr-core@6.1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2nwy-8r1n-y7cc

vulnerability	VCID-3zcs-eg6f-fubn

vulnerability	VCID-45ku-xn2x-3fdg

vulnerability	VCID-69cb-ed9r-guda

vulnerability	VCID-atn8-a9f2-hqbq

vulnerability	VCID-de4p-g9a9-1fcd

vulnerability	VCID-f12z-qhkn-qyhb

vulnerability	VCID-g95c-rfw6-kqgs

vulnerability	VCID-hcng-56xk-tuar

vulnerability	VCID-n5hy-aw33-skh2

vulnerability	VCID-vdk1-r552-kqhh

vulnerability	VCID-w2ku-uvwz-4bhx

vulnerability	VCID-x81k-2zr1-b7c3

vulnerability	VCID-zseq-ezs2-wbhu

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@6.1.0

url pkg:maven/org.apache.solr/solr-core@6.2.0

purl pkg:maven/org.apache.solr/solr-core@6.2.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2nwy-8r1n-y7cc

vulnerability	VCID-3zcs-eg6f-fubn

vulnerability	VCID-45ku-xn2x-3fdg

vulnerability	VCID-69cb-ed9r-guda

vulnerability	VCID-atn8-a9f2-hqbq

vulnerability	VCID-de4p-g9a9-1fcd

vulnerability	VCID-f12z-qhkn-qyhb

vulnerability	VCID-g95c-rfw6-kqgs

vulnerability	VCID-hcng-56xk-tuar

vulnerability	VCID-n5hy-aw33-skh2

vulnerability	VCID-vdk1-r552-kqhh

vulnerability	VCID-w2ku-uvwz-4bhx

vulnerability	VCID-x81k-2zr1-b7c3

vulnerability	VCID-zseq-ezs2-wbhu

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@6.2.0

url pkg:maven/org.apache.solr/solr-core@6.2.1

purl pkg:maven/org.apache.solr/solr-core@6.2.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2nwy-8r1n-y7cc

vulnerability	VCID-3zcs-eg6f-fubn

vulnerability	VCID-45ku-xn2x-3fdg

vulnerability	VCID-69cb-ed9r-guda

vulnerability	VCID-atn8-a9f2-hqbq

vulnerability	VCID-de4p-g9a9-1fcd

vulnerability	VCID-f12z-qhkn-qyhb

vulnerability	VCID-g95c-rfw6-kqgs

vulnerability	VCID-hcng-56xk-tuar

vulnerability	VCID-n5hy-aw33-skh2

vulnerability	VCID-vdk1-r552-kqhh

vulnerability	VCID-w2ku-uvwz-4bhx

vulnerability	VCID-x81k-2zr1-b7c3

vulnerability	VCID-zseq-ezs2-wbhu

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@6.2.1

url pkg:maven/org.apache.solr/solr-core@6.3.0

purl pkg:maven/org.apache.solr/solr-core@6.3.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2nwy-8r1n-y7cc

vulnerability	VCID-3zcs-eg6f-fubn

vulnerability	VCID-45ku-xn2x-3fdg

vulnerability	VCID-69cb-ed9r-guda

vulnerability	VCID-atn8-a9f2-hqbq

vulnerability	VCID-de4p-g9a9-1fcd

vulnerability	VCID-f12z-qhkn-qyhb

vulnerability	VCID-g95c-rfw6-kqgs

vulnerability	VCID-hcng-56xk-tuar

vulnerability	VCID-n5hy-aw33-skh2

vulnerability	VCID-vdk1-r552-kqhh

vulnerability	VCID-w2ku-uvwz-4bhx

vulnerability	VCID-x81k-2zr1-b7c3

vulnerability	VCID-zseq-ezs2-wbhu

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@6.3.0

url pkg:maven/org.apache.solr/solr-core@6.4.0

purl pkg:maven/org.apache.solr/solr-core@6.4.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2nwy-8r1n-y7cc

vulnerability	VCID-3zcs-eg6f-fubn

vulnerability	VCID-45ku-xn2x-3fdg

vulnerability	VCID-69cb-ed9r-guda

vulnerability	VCID-atn8-a9f2-hqbq

vulnerability	VCID-de4p-g9a9-1fcd

vulnerability	VCID-f12z-qhkn-qyhb

vulnerability	VCID-g95c-rfw6-kqgs

vulnerability	VCID-hcng-56xk-tuar

vulnerability	VCID-n5hy-aw33-skh2

vulnerability	VCID-vdk1-r552-kqhh

vulnerability	VCID-w2ku-uvwz-4bhx

vulnerability	VCID-x81k-2zr1-b7c3

vulnerability	VCID-zseq-ezs2-wbhu

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@6.4.0

url pkg:maven/org.apache.solr/solr-core@6.4.1

purl pkg:maven/org.apache.solr/solr-core@6.4.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3zcs-eg6f-fubn

vulnerability	VCID-45ku-xn2x-3fdg

vulnerability	VCID-69cb-ed9r-guda

vulnerability	VCID-atn8-a9f2-hqbq

vulnerability	VCID-de4p-g9a9-1fcd

vulnerability	VCID-f12z-qhkn-qyhb

vulnerability	VCID-g95c-rfw6-kqgs

vulnerability	VCID-hcng-56xk-tuar

vulnerability	VCID-n5hy-aw33-skh2

vulnerability	VCID-vdk1-r552-kqhh

vulnerability	VCID-w2ku-uvwz-4bhx

vulnerability	VCID-x81k-2zr1-b7c3

vulnerability	VCID-zseq-ezs2-wbhu

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@6.4.1

url pkg:maven/org.apache.solr/solr-core@6.4.2

purl pkg:maven/org.apache.solr/solr-core@6.4.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3zcs-eg6f-fubn

vulnerability	VCID-45ku-xn2x-3fdg

vulnerability	VCID-69cb-ed9r-guda

vulnerability	VCID-atn8-a9f2-hqbq

vulnerability	VCID-de4p-g9a9-1fcd

vulnerability	VCID-f12z-qhkn-qyhb

vulnerability	VCID-g95c-rfw6-kqgs

vulnerability	VCID-hcng-56xk-tuar

vulnerability	VCID-n5hy-aw33-skh2

vulnerability	VCID-vdk1-r552-kqhh

vulnerability	VCID-w2ku-uvwz-4bhx

vulnerability	VCID-x81k-2zr1-b7c3

vulnerability	VCID-zseq-ezs2-wbhu

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@6.4.2

url pkg:maven/org.apache.solr/solr-core@6.5.0

purl pkg:maven/org.apache.solr/solr-core@6.5.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3zcs-eg6f-fubn

vulnerability	VCID-45ku-xn2x-3fdg

vulnerability	VCID-69cb-ed9r-guda

vulnerability	VCID-atn8-a9f2-hqbq

vulnerability	VCID-de4p-g9a9-1fcd

vulnerability	VCID-f12z-qhkn-qyhb

vulnerability	VCID-g95c-rfw6-kqgs

vulnerability	VCID-hcng-56xk-tuar

vulnerability	VCID-n5hy-aw33-skh2

vulnerability	VCID-vdk1-r552-kqhh

vulnerability	VCID-w2ku-uvwz-4bhx

vulnerability	VCID-x81k-2zr1-b7c3

vulnerability	VCID-zseq-ezs2-wbhu

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@6.5.0

url pkg:maven/org.apache.solr/solr-core@6.5.1

purl pkg:maven/org.apache.solr/solr-core@6.5.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3zcs-eg6f-fubn

vulnerability	VCID-45ku-xn2x-3fdg

vulnerability	VCID-69cb-ed9r-guda

vulnerability	VCID-atn8-a9f2-hqbq

vulnerability	VCID-de4p-g9a9-1fcd

vulnerability	VCID-f12z-qhkn-qyhb

vulnerability	VCID-g95c-rfw6-kqgs

vulnerability	VCID-hcng-56xk-tuar

vulnerability	VCID-n5hy-aw33-skh2

vulnerability	VCID-vdk1-r552-kqhh

vulnerability	VCID-w2ku-uvwz-4bhx

vulnerability	VCID-x81k-2zr1-b7c3

vulnerability	VCID-zseq-ezs2-wbhu

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@6.5.1

url pkg:maven/org.apache.solr/solr-core@6.6.0

purl pkg:maven/org.apache.solr/solr-core@6.6.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3zcs-eg6f-fubn

vulnerability	VCID-45ku-xn2x-3fdg

vulnerability	VCID-69cb-ed9r-guda

vulnerability	VCID-8t99-tkmu-t3e7

vulnerability	VCID-atn8-a9f2-hqbq

vulnerability	VCID-de4p-g9a9-1fcd

vulnerability	VCID-f12z-qhkn-qyhb

vulnerability	VCID-g95c-rfw6-kqgs

vulnerability	VCID-n5hy-aw33-skh2

vulnerability	VCID-vdk1-r552-kqhh

vulnerability	VCID-w2ku-uvwz-4bhx

vulnerability	VCID-x81k-2zr1-b7c3

vulnerability	VCID-zseq-ezs2-wbhu

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@6.6.0

url pkg:maven/org.apache.solr/solr-core@6.6.1

purl pkg:maven/org.apache.solr/solr-core@6.6.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3zcs-eg6f-fubn

vulnerability	VCID-45ku-xn2x-3fdg

vulnerability	VCID-69cb-ed9r-guda

vulnerability	VCID-de4p-g9a9-1fcd

vulnerability	VCID-f12z-qhkn-qyhb

vulnerability	VCID-g95c-rfw6-kqgs

vulnerability	VCID-n5hy-aw33-skh2

vulnerability	VCID-vdk1-r552-kqhh

vulnerability	VCID-w2ku-uvwz-4bhx

vulnerability	VCID-x81k-2zr1-b7c3

vulnerability	VCID-zseq-ezs2-wbhu

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@6.6.1

url pkg:maven/org.apache.solr/solr-core@7.0.0

purl pkg:maven/org.apache.solr/solr-core@7.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3zcs-eg6f-fubn

vulnerability	VCID-45ku-xn2x-3fdg

vulnerability	VCID-69cb-ed9r-guda

vulnerability	VCID-de4p-g9a9-1fcd

vulnerability	VCID-f12z-qhkn-qyhb

vulnerability	VCID-n5hy-aw33-skh2

vulnerability	VCID-vdk1-r552-kqhh

vulnerability	VCID-w2ku-uvwz-4bhx

vulnerability	VCID-x81k-2zr1-b7c3

vulnerability	VCID-zseq-ezs2-wbhu

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@7.0.0

url pkg:maven/org.apache.solr/solr-core@7.0.1

purl pkg:maven/org.apache.solr/solr-core@7.0.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3zcs-eg6f-fubn

vulnerability	VCID-45ku-xn2x-3fdg

vulnerability	VCID-69cb-ed9r-guda

vulnerability	VCID-de4p-g9a9-1fcd

vulnerability	VCID-f12z-qhkn-qyhb

vulnerability	VCID-n5hy-aw33-skh2

vulnerability	VCID-vdk1-r552-kqhh

vulnerability	VCID-w2ku-uvwz-4bhx

vulnerability	VCID-x81k-2zr1-b7c3

vulnerability	VCID-zseq-ezs2-wbhu

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@7.0.1

url pkg:rpm/redhat/eap7-activemq-artemis@1.1.0-19.SP24_redhat_1.1.ep7?arch=el6

purl pkg:rpm/redhat/eap7-activemq-artemis@1.1.0-19.SP24_redhat_1.1.ep7?arch=el6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ppw-bka2-qbdy

vulnerability	VCID-k2d4-d6dd-wkb9

vulnerability	VCID-kbwr-xd1h-sbbs

vulnerability	VCID-pj5d-vfar-q7ac

vulnerability	VCID-pkzf-4u9a-c3hq

vulnerability	VCID-vwcx-hrtg-pygs

vulnerability	VCID-zseq-ezs2-wbhu

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-activemq-artemis@1.1.0-19.SP24_redhat_1.1.ep7%3Farch=el6

url pkg:rpm/redhat/eap7-activemq-artemis@1.1.0-19.SP24_redhat_1.1.ep7?arch=el7

purl pkg:rpm/redhat/eap7-activemq-artemis@1.1.0-19.SP24_redhat_1.1.ep7?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ppw-bka2-qbdy

vulnerability	VCID-k2d4-d6dd-wkb9

vulnerability	VCID-kbwr-xd1h-sbbs

vulnerability	VCID-pj5d-vfar-q7ac

vulnerability	VCID-pkzf-4u9a-c3hq

vulnerability	VCID-vwcx-hrtg-pygs

vulnerability	VCID-zseq-ezs2-wbhu

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-activemq-artemis@1.1.0-19.SP24_redhat_1.1.ep7%3Farch=el7

url pkg:rpm/redhat/eap7-hibernate@5.0.16-1.Final_redhat_1.1.ep7?arch=el6

purl pkg:rpm/redhat/eap7-hibernate@5.0.16-1.Final_redhat_1.1.ep7?arch=el6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ppw-bka2-qbdy

vulnerability	VCID-k2d4-d6dd-wkb9

vulnerability	VCID-kbwr-xd1h-sbbs

vulnerability	VCID-pj5d-vfar-q7ac

vulnerability	VCID-pkzf-4u9a-c3hq

vulnerability	VCID-vwcx-hrtg-pygs

vulnerability	VCID-zseq-ezs2-wbhu

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-hibernate@5.0.16-1.Final_redhat_1.1.ep7%3Farch=el6

url pkg:rpm/redhat/eap7-hibernate@5.0.16-1.Final_redhat_1.1.ep7?arch=el7

purl pkg:rpm/redhat/eap7-hibernate@5.0.16-1.Final_redhat_1.1.ep7?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ppw-bka2-qbdy

vulnerability	VCID-k2d4-d6dd-wkb9

vulnerability	VCID-kbwr-xd1h-sbbs

vulnerability	VCID-pj5d-vfar-q7ac

vulnerability	VCID-pkzf-4u9a-c3hq

vulnerability	VCID-vwcx-hrtg-pygs

vulnerability	VCID-zseq-ezs2-wbhu

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-hibernate@5.0.16-1.Final_redhat_1.1.ep7%3Farch=el7

url pkg:rpm/redhat/eap7-ironjacamar@1.3.8-1.Final_redhat_1.1.ep7?arch=el6

purl pkg:rpm/redhat/eap7-ironjacamar@1.3.8-1.Final_redhat_1.1.ep7?arch=el6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ppw-bka2-qbdy

vulnerability	VCID-k2d4-d6dd-wkb9

vulnerability	VCID-kbwr-xd1h-sbbs

vulnerability	VCID-pj5d-vfar-q7ac

vulnerability	VCID-pkzf-4u9a-c3hq

vulnerability	VCID-vwcx-hrtg-pygs

vulnerability	VCID-zseq-ezs2-wbhu

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-ironjacamar@1.3.8-1.Final_redhat_1.1.ep7%3Farch=el6

url pkg:rpm/redhat/eap7-ironjacamar@1.3.8-1.Final_redhat_1.1.ep7?arch=el7

purl pkg:rpm/redhat/eap7-ironjacamar@1.3.8-1.Final_redhat_1.1.ep7?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ppw-bka2-qbdy

vulnerability	VCID-k2d4-d6dd-wkb9

vulnerability	VCID-kbwr-xd1h-sbbs

vulnerability	VCID-pj5d-vfar-q7ac

vulnerability	VCID-pkzf-4u9a-c3hq

vulnerability	VCID-vwcx-hrtg-pygs

vulnerability	VCID-zseq-ezs2-wbhu

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-ironjacamar@1.3.8-1.Final_redhat_1.1.ep7%3Farch=el7

url pkg:rpm/redhat/eap7-jboss-ec2-eap@7.0.9-2.GA_redhat_2.ep7?arch=el6

purl pkg:rpm/redhat/eap7-jboss-ec2-eap@7.0.9-2.GA_redhat_2.ep7?arch=el6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ppw-bka2-qbdy

vulnerability	VCID-k2d4-d6dd-wkb9

vulnerability	VCID-kbwr-xd1h-sbbs

vulnerability	VCID-pj5d-vfar-q7ac

vulnerability	VCID-pkzf-4u9a-c3hq

vulnerability	VCID-vwcx-hrtg-pygs

vulnerability	VCID-zseq-ezs2-wbhu

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jboss-ec2-eap@7.0.9-2.GA_redhat_2.ep7%3Farch=el6

url pkg:rpm/redhat/eap7-jboss-ec2-eap@7.0.9-2.GA_redhat_2.ep7?arch=el7

purl pkg:rpm/redhat/eap7-jboss-ec2-eap@7.0.9-2.GA_redhat_2.ep7?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ppw-bka2-qbdy

vulnerability	VCID-k2d4-d6dd-wkb9

vulnerability	VCID-kbwr-xd1h-sbbs

vulnerability	VCID-pj5d-vfar-q7ac

vulnerability	VCID-pkzf-4u9a-c3hq

vulnerability	VCID-vwcx-hrtg-pygs

vulnerability	VCID-zseq-ezs2-wbhu

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jboss-ec2-eap@7.0.9-2.GA_redhat_2.ep7%3Farch=el7

url pkg:rpm/redhat/eap7-jboss-remoting@4.0.25-1.Final_redhat_1.1.ep7?arch=el6

purl pkg:rpm/redhat/eap7-jboss-remoting@4.0.25-1.Final_redhat_1.1.ep7?arch=el6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ppw-bka2-qbdy

vulnerability	VCID-k2d4-d6dd-wkb9

vulnerability	VCID-kbwr-xd1h-sbbs

vulnerability	VCID-pj5d-vfar-q7ac

vulnerability	VCID-pkzf-4u9a-c3hq

vulnerability	VCID-vwcx-hrtg-pygs

vulnerability	VCID-zseq-ezs2-wbhu

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jboss-remoting@4.0.25-1.Final_redhat_1.1.ep7%3Farch=el6

url pkg:rpm/redhat/eap7-jboss-remoting@4.0.25-1.Final_redhat_1.1.ep7?arch=el7

purl pkg:rpm/redhat/eap7-jboss-remoting@4.0.25-1.Final_redhat_1.1.ep7?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ppw-bka2-qbdy

vulnerability	VCID-k2d4-d6dd-wkb9

vulnerability	VCID-kbwr-xd1h-sbbs

vulnerability	VCID-pj5d-vfar-q7ac

vulnerability	VCID-pkzf-4u9a-c3hq

vulnerability	VCID-vwcx-hrtg-pygs

vulnerability	VCID-zseq-ezs2-wbhu

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jboss-remoting@4.0.25-1.Final_redhat_1.1.ep7%3Farch=el7

url pkg:rpm/redhat/eap7-jboss-xnio-base@3.4.7-1.Final_redhat_1.1.ep7?arch=el7

purl pkg:rpm/redhat/eap7-jboss-xnio-base@3.4.7-1.Final_redhat_1.1.ep7?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ppw-bka2-qbdy

vulnerability	VCID-k2d4-d6dd-wkb9

vulnerability	VCID-kbwr-xd1h-sbbs

vulnerability	VCID-pj5d-vfar-q7ac

vulnerability	VCID-pkzf-4u9a-c3hq

vulnerability	VCID-vwcx-hrtg-pygs

vulnerability	VCID-zseq-ezs2-wbhu

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jboss-xnio-base@3.4.7-1.Final_redhat_1.1.ep7%3Farch=el7

url pkg:rpm/redhat/eap7-jboss-xnio-base@3.4.7-1.Final_redhat_1.1.ep7?arch=el6

purl pkg:rpm/redhat/eap7-jboss-xnio-base@3.4.7-1.Final_redhat_1.1.ep7?arch=el6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ppw-bka2-qbdy

vulnerability	VCID-k2d4-d6dd-wkb9

vulnerability	VCID-kbwr-xd1h-sbbs

vulnerability	VCID-pj5d-vfar-q7ac

vulnerability	VCID-pkzf-4u9a-c3hq

vulnerability	VCID-vwcx-hrtg-pygs

vulnerability	VCID-zseq-ezs2-wbhu

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jboss-xnio-base@3.4.7-1.Final_redhat_1.1.ep7%3Farch=el6

url pkg:rpm/redhat/eap7-jgroups@3.6.12-1.Final_redhat_1.1.ep7?arch=el6

purl pkg:rpm/redhat/eap7-jgroups@3.6.12-1.Final_redhat_1.1.ep7?arch=el6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ppw-bka2-qbdy

vulnerability	VCID-k2d4-d6dd-wkb9

vulnerability	VCID-kbwr-xd1h-sbbs

vulnerability	VCID-pj5d-vfar-q7ac

vulnerability	VCID-pkzf-4u9a-c3hq

vulnerability	VCID-vwcx-hrtg-pygs

vulnerability	VCID-zseq-ezs2-wbhu

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jgroups@3.6.12-1.Final_redhat_1.1.ep7%3Farch=el6

url pkg:rpm/redhat/eap7-jgroups@3.6.12-1.Final_redhat_1.1.ep7?arch=el7

purl pkg:rpm/redhat/eap7-jgroups@3.6.12-1.Final_redhat_1.1.ep7?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ppw-bka2-qbdy

vulnerability	VCID-k2d4-d6dd-wkb9

vulnerability	VCID-kbwr-xd1h-sbbs

vulnerability	VCID-pj5d-vfar-q7ac

vulnerability	VCID-pkzf-4u9a-c3hq

vulnerability	VCID-vwcx-hrtg-pygs

vulnerability	VCID-zseq-ezs2-wbhu

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-jgroups@3.6.12-1.Final_redhat_1.1.ep7%3Farch=el7

url pkg:rpm/redhat/eap7-lucene-solr@5.3.1-4.redhat_2.1.ep7?arch=el6

purl pkg:rpm/redhat/eap7-lucene-solr@5.3.1-4.redhat_2.1.ep7?arch=el6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zseq-ezs2-wbhu

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-lucene-solr@5.3.1-4.redhat_2.1.ep7%3Farch=el6

url pkg:rpm/redhat/eap7-lucene-solr@5.3.1-4.redhat_2.1.ep7?arch=el7

purl pkg:rpm/redhat/eap7-lucene-solr@5.3.1-4.redhat_2.1.ep7?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zseq-ezs2-wbhu

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-lucene-solr@5.3.1-4.redhat_2.1.ep7%3Farch=el7

url pkg:rpm/redhat/eap7-resteasy@3.0.19-7.SP5_redhat_1.1.ep7?arch=el7

purl pkg:rpm/redhat/eap7-resteasy@3.0.19-7.SP5_redhat_1.1.ep7?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ppw-bka2-qbdy

vulnerability	VCID-k2d4-d6dd-wkb9

vulnerability	VCID-kbwr-xd1h-sbbs

vulnerability	VCID-pj5d-vfar-q7ac

vulnerability	VCID-pkzf-4u9a-c3hq

vulnerability	VCID-vwcx-hrtg-pygs

vulnerability	VCID-zseq-ezs2-wbhu

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-resteasy@3.0.19-7.SP5_redhat_1.1.ep7%3Farch=el7

url pkg:rpm/redhat/eap7-resteasy@3.0.19-7.SP5_redhat_1.1.ep7?arch=el6

purl pkg:rpm/redhat/eap7-resteasy@3.0.19-7.SP5_redhat_1.1.ep7?arch=el6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ppw-bka2-qbdy

vulnerability	VCID-k2d4-d6dd-wkb9

vulnerability	VCID-kbwr-xd1h-sbbs

vulnerability	VCID-pj5d-vfar-q7ac

vulnerability	VCID-pkzf-4u9a-c3hq

vulnerability	VCID-vwcx-hrtg-pygs

vulnerability	VCID-zseq-ezs2-wbhu

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-resteasy@3.0.19-7.SP5_redhat_1.1.ep7%3Farch=el6

url pkg:rpm/redhat/eap7-undertow@1.3.31-3.Final_redhat_3.1.ep7?arch=el6

purl pkg:rpm/redhat/eap7-undertow@1.3.31-3.Final_redhat_3.1.ep7?arch=el6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ppw-bka2-qbdy

vulnerability	VCID-k2d4-d6dd-wkb9

vulnerability	VCID-kbwr-xd1h-sbbs

vulnerability	VCID-pj5d-vfar-q7ac

vulnerability	VCID-pkzf-4u9a-c3hq

vulnerability	VCID-vwcx-hrtg-pygs

vulnerability	VCID-zseq-ezs2-wbhu

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-undertow@1.3.31-3.Final_redhat_3.1.ep7%3Farch=el6

url pkg:rpm/redhat/eap7-undertow@1.3.31-3.Final_redhat_3.1.ep7?arch=el7

purl pkg:rpm/redhat/eap7-undertow@1.3.31-3.Final_redhat_3.1.ep7?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ppw-bka2-qbdy

vulnerability	VCID-k2d4-d6dd-wkb9

vulnerability	VCID-kbwr-xd1h-sbbs

vulnerability	VCID-pj5d-vfar-q7ac

vulnerability	VCID-pkzf-4u9a-c3hq

vulnerability	VCID-vwcx-hrtg-pygs

vulnerability	VCID-zseq-ezs2-wbhu

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-undertow@1.3.31-3.Final_redhat_3.1.ep7%3Farch=el7

url pkg:rpm/redhat/eap7-wildfly@7.0.9-4.GA_redhat_3.1.ep7?arch=el6

purl pkg:rpm/redhat/eap7-wildfly@7.0.9-4.GA_redhat_3.1.ep7?arch=el6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ppw-bka2-qbdy

vulnerability	VCID-k2d4-d6dd-wkb9

vulnerability	VCID-kbwr-xd1h-sbbs

vulnerability	VCID-pj5d-vfar-q7ac

vulnerability	VCID-pkzf-4u9a-c3hq

vulnerability	VCID-vwcx-hrtg-pygs

vulnerability	VCID-zseq-ezs2-wbhu

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly@7.0.9-4.GA_redhat_3.1.ep7%3Farch=el6

url pkg:rpm/redhat/eap7-wildfly@7.0.9-4.GA_redhat_3.1.ep7?arch=el7

purl pkg:rpm/redhat/eap7-wildfly@7.0.9-4.GA_redhat_3.1.ep7?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ppw-bka2-qbdy

vulnerability	VCID-k2d4-d6dd-wkb9

vulnerability	VCID-kbwr-xd1h-sbbs

vulnerability	VCID-pj5d-vfar-q7ac

vulnerability	VCID-pkzf-4u9a-c3hq

vulnerability	VCID-vwcx-hrtg-pygs

vulnerability	VCID-zseq-ezs2-wbhu

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly@7.0.9-4.GA_redhat_3.1.ep7%3Farch=el7

url pkg:rpm/redhat/eap7-wildfly-javadocs@7.0.9-2.GA_redhat_3.1.ep7?arch=el7

purl pkg:rpm/redhat/eap7-wildfly-javadocs@7.0.9-2.GA_redhat_3.1.ep7?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ppw-bka2-qbdy

vulnerability	VCID-k2d4-d6dd-wkb9

vulnerability	VCID-kbwr-xd1h-sbbs

vulnerability	VCID-pj5d-vfar-q7ac

vulnerability	VCID-pkzf-4u9a-c3hq

vulnerability	VCID-vwcx-hrtg-pygs

vulnerability	VCID-zseq-ezs2-wbhu

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly-javadocs@7.0.9-2.GA_redhat_3.1.ep7%3Farch=el7

url pkg:rpm/redhat/eap7-wildfly-javadocs@7.0.9-2.GA_redhat_3.1.ep7?arch=el6

purl pkg:rpm/redhat/eap7-wildfly-javadocs@7.0.9-2.GA_redhat_3.1.ep7?arch=el6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1ppw-bka2-qbdy

vulnerability	VCID-k2d4-d6dd-wkb9

vulnerability	VCID-kbwr-xd1h-sbbs

vulnerability	VCID-pj5d-vfar-q7ac

vulnerability	VCID-pkzf-4u9a-c3hq

vulnerability	VCID-vwcx-hrtg-pygs

vulnerability	VCID-zseq-ezs2-wbhu

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/eap7-wildfly-javadocs@7.0.9-2.GA_redhat_3.1.ep7%3Farch=el6

url pkg:rpm/redhat/rh-java-common-lucene@4.8.0-6.9?arch=el6

purl pkg:rpm/redhat/rh-java-common-lucene@4.8.0-6.9?arch=el6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zseq-ezs2-wbhu

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-java-common-lucene@4.8.0-6.9%3Farch=el6

url pkg:rpm/redhat/rh-java-common-lucene@4.8.0-6.9?arch=el7

purl pkg:rpm/redhat/rh-java-common-lucene@4.8.0-6.9?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zseq-ezs2-wbhu

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-java-common-lucene@4.8.0-6.9%3Farch=el7

url pkg:rpm/redhat/rh-java-common-lucene5@5.4.1-2.4?arch=el7

purl pkg:rpm/redhat/rh-java-common-lucene5@5.4.1-2.4?arch=el7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zseq-ezs2-wbhu

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-java-common-lucene5@5.4.1-2.4%3Farch=el7

url pkg:rpm/redhat/rh-java-common-lucene5@5.4.1-2.4?arch=el6

purl pkg:rpm/redhat/rh-java-common-lucene5@5.4.1-2.4?arch=el6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-zseq-ezs2-wbhu

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rh-java-common-lucene5@5.4.1-2.4%3Farch=el6

References

reference_url

http://mail-archives.us.apache.org/mod_mbox/www-announce/201710.mbox/%3CCAOOKt51UO_6Vy%3Dj8W%3Dx1pMbLW9VJfZyFWz7pAnXJC_OAdSZubA%40mail.gmail.com%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

http://mail-archives.us.apache.org/mod_mbox/www-announce/201710.mbox/%3CCAOOKt51UO_6Vy%3Dj8W%3Dx1pMbLW9VJfZyFWz7pAnXJC_OAdSZubA%40mail.gmail.com%3E

reference_url

http://openwall.com/lists/oss-security/2017/10/13/1

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

http://openwall.com/lists/oss-security/2017/10/13/1

reference_url

https://access.redhat.com/errata/RHSA-2017:3123

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2017:3123

reference_url

https://access.redhat.com/errata/RHSA-2017:3124

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2017:3124

reference_url

https://access.redhat.com/errata/RHSA-2017:3244

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2017:3244

reference_url

https://access.redhat.com/errata/RHSA-2017:3451

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2017:3451

reference_url

https://access.redhat.com/errata/RHSA-2017:3452

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2017:3452

reference_url

https://access.redhat.com/errata/RHSA-2018:0002

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2018:0002

reference_url

https://access.redhat.com/errata/RHSA-2018:0003

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2018:0003

reference_url

https://access.redhat.com/errata/RHSA-2018:0004

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2018:0004

reference_url

https://access.redhat.com/errata/RHSA-2018:0005

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHSA-2018:0005

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12629.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12629.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-12629

reference_id

reference_type

scores

value	0.93891
scoring_system	epss
scoring_elements	0.99884
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-12629

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12629
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12629

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3163
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3163

reference_url

https://github.com/advisories/GHSA-mh7g-99w9-xpjm

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/advisories/GHSA-mh7g-99w9-xpjm

reference_url

https://github.com/apache/lucene

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/lucene

reference_url

https://github.com/apache/lucene-solr/commit/3bba91131b5257e64b9d0a2193e1e32a145b2a2

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/lucene-solr/commit/3bba91131b5257e64b9d0a2193e1e32a145b2a2

reference_url	https://github.com/apache/lucene-solr/commit/926cc4d65b6d2cc40ff07f76d50ddeda947e3cc
reference_id
reference_type
scores
url	https://github.com/apache/lucene-solr/commit/926cc4d65b6d2cc40ff07f76d50ddeda947e3cc

reference_url	https://github.com/apache/lucene-solr/commit/d28baa3fc5566b47f1ca7cc2ba1aba658dc634a
reference_id
reference_type
scores
url	https://github.com/apache/lucene-solr/commit/d28baa3fc5566b47f1ca7cc2ba1aba658dc634a

reference_url

https://github.com/apache/lucene-solr/commit/d8000beebfb13ba0b6e754f84c760e11592d8d1

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/lucene-solr/commit/d8000beebfb13ba0b6e754f84c760e11592d8d1

reference_url

https://github.com/apache/lucene-solr/commit/f9fd6e9e26224f26f1542224ce187e04c27b268

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/lucene-solr/commit/f9fd6e9e26224f26f1542224ce187e04c27b268

reference_url	https://github.com/AsyncHttpClient/async-http-client/issues/1455
reference_id
reference_type
scores
url	https://github.com/AsyncHttpClient/async-http-client/issues/1455

reference_url

https://issues.apache.org/jira/browse/SOLR-11477

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://issues.apache.org/jira/browse/SOLR-11477

reference_url

https://lists.apache.org/thread.html/r140128dc6bb4f4e0b6a39e962c7ca25a8cbc8e48ed766176c931fccc@%3Cusers.solr.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r140128dc6bb4f4e0b6a39e962c7ca25a8cbc8e48ed766176c931fccc@%3Cusers.solr.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r26c996b068ef6c5e89aa59acb769025cfd343a08e63fbe9e7f3f720f@%3Coak-issues.jackrabbit.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r26c996b068ef6c5e89aa59acb769025cfd343a08e63fbe9e7f3f720f@%3Coak-issues.jackrabbit.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r3da74965aba2b5f5744b7289ad447306eeb2940c872801819faa9314@%3Cusers.solr.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r3da74965aba2b5f5744b7289ad447306eeb2940c872801819faa9314@%3Cusers.solr.apache.org%3E

reference_url

https://lists.apache.org/thread.html/r95df34bb158375948da82b4dfe9a1b5d528572d586584162f8f5aeef@%3Cusers.solr.apache.org%3E

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.apache.org/thread.html/r95df34bb158375948da82b4dfe9a1b5d528572d586584162f8f5aeef@%3Cusers.solr.apache.org%3E

reference_url

https://lists.debian.org/debian-lts-announce/2018/01/msg00028.html

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2018/01/msg00028.html

reference_url

https://s.apache.org/FJDl

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://s.apache.org/FJDl

reference_url

https://twitter.com/ApacheSolr/status/918731485611401216

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://twitter.com/ApacheSolr/status/918731485611401216

reference_url

https://twitter.com/joshbressers/status/919258716297420802

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://twitter.com/joshbressers/status/919258716297420802

reference_url

https://twitter.com/searchtools_avi/status/918904813613543424

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://twitter.com/searchtools_avi/status/918904813613543424

reference_url

https://usn.ubuntu.com/4259-1

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://usn.ubuntu.com/4259-1

reference_url

https://www.debian.org/security/2018/dsa-4124

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.debian.org/security/2018/dsa-4124

reference_url

https://www.exploit-db.com/exploits/43009

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://www.exploit-db.com/exploits/43009

reference_url	https://www.exploit-db.com/exploits/43009/
reference_id
reference_type
scores
url	https://www.exploit-db.com/exploits/43009/

reference_url

http://www.securityfocus.com/bid/101261

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

http://www.securityfocus.com/bid/101261

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1501529
reference_id	1501529
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1501529

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/xml/webapps/43009.txt
reference_id	CVE-2017-12629
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/xml/webapps/43009.txt

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-12629

reference_id

CVE-2017-12629

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	CRITICAL
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2017-12629

reference_url	http://www.cvedetails.com/cve/CVE-2017-12629/
reference_id	CVE-2017-12629
reference_type
scores
url	http://www.cvedetails.com/cve/CVE-2017-12629/

reference_url	https://access.redhat.com/errata/RHSA-2020:2561
reference_id	RHSA-2020:2561
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2561

reference_url	https://access.redhat.com/errata/RHSA-2023:1334
reference_id	RHSA-2023:1334
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:1334

Weaknesses

cwe_id	1035
name	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.

cwe_id	611
name	Improper Restriction of XML External Entity Reference
description	The product processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.

cwe_id	937
name	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.

cwe_id	138
name	Improper Neutralization of Special Elements
description	The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as control elements or syntactic markers when they are sent to a downstream component.

Exploits

date_added	2017-10-17
description	Apache Solr 7.0.1 - XML External Entity Expansion / Remote Code Execution
required_action	`null`
due_date	`null`
notes	`null`
known_ransomware_campaign_use	`true`
source_date_published	2017-10-17
exploit_type	webapps
platform	xml
source_date_updated	2017-10-17
data_source	Exploit-DB
source_url

Severity_range_score 9.0 - 10.0

Exploitability 2.0

Weighted_severity 9.0

Risk_score 10.0

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zseq-ezs2-wbhu

Vulnerability Instance