Search for packages
| purl | pkg:maven/org.apache.solr/solr-velocity@4.6.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-wke8-9ysk-akc2 | Directory traversal vulnerability in SolrResourceLoader in Apache Solr before 4.6 allows remote attackers to read arbitrary files via a .. (dot dot) or full pathname in the tr parameter to solr/select/, when the response writer (wt parameter) is set to XSLT. NOTE: this can be leveraged using a separate XXE (XML eXternal Entity) vulnerability to allow access to files across restricted network boundaries. |
CVE-2013-6397
GHSA-j8qw-mwmv-28cg |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-16T20:31:00.296487+00:00 | GitLab Importer | Fixing | VCID-wke8-9ysk-akc2 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-velocity/CVE-2013-6397.yml | 38.4.0 |
| 2026-04-11T21:41:24.422674+00:00 | GitLab Importer | Fixing | VCID-wke8-9ysk-akc2 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-velocity/CVE-2013-6397.yml | 38.3.0 |
| 2026-04-02T21:55:35.022469+00:00 | GitLab Importer | Fixing | VCID-wke8-9ysk-akc2 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-velocity/CVE-2013-6397.yml | 38.1.0 |
| 2026-04-01T12:46:50.909582+00:00 | GitLab Importer | Fixing | VCID-wke8-9ysk-akc2 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-velocity/CVE-2013-6397.yml | 38.0.0 |