Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.apache.solr/solr-core@3.1
Typemaven
Namespaceorg.apache.solr
Namesolr-core
Version3.1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version9.10.1
Latest_non_vulnerable_version9.10.1
Affected_by_vulnerabilities
0
url VCID-zfk3-8kt1-gbbw
vulnerability_id VCID-zfk3-8kt1-gbbw
summary 
Apache Solr  vulnerable to XML Bomb
Solr versions prior to 5.0.0 are vulnerable to an XML resource consumption attack (a.k.a. Lol Bomb) via it?s update handler.?By leveraging XML DOCTYPE and ENTITY type elements, the attacker can create a pattern that will expand when the server parses the XML causing OOMs.
references
0
reference_url http://mail-archives.us.apache.org/mod_mbox/www-announce/201909.mbox/%3CCAECwjAXU4%3DkAo5DeUJw7Kvk67sgCmajAN7LGZQNjbjZ8gv%3DBdw%40mail.gmail.com%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://mail-archives.us.apache.org/mod_mbox/www-announce/201909.mbox/%3CCAECwjAXU4%3DkAo5DeUJw7Kvk67sgCmajAN7LGZQNjbjZ8gv%3DBdw%40mail.gmail.com%3E
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12401.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12401.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-12401
reference_id
reference_type
scores
0
value 0.32768
scoring_system epss
scoring_elements 0.96871
published_at 2026-04-08T12:55:00Z
1
value 0.32768
scoring_system epss
scoring_elements 0.96933
published_at 2026-05-14T12:55:00Z
2
value 0.32768
scoring_system epss
scoring_elements 0.96892
published_at 2026-04-24T12:55:00Z
3
value 0.32768
scoring_system epss
scoring_elements 0.96889
published_at 2026-04-18T12:55:00Z
4
value 0.32768
scoring_system epss
scoring_elements 0.96885
published_at 2026-04-16T12:55:00Z
5
value 0.32768
scoring_system epss
scoring_elements 0.96878
published_at 2026-04-13T12:55:00Z
6
value 0.32768
scoring_system epss
scoring_elements 0.96876
published_at 2026-04-12T12:55:00Z
7
value 0.32768
scoring_system epss
scoring_elements 0.96848
published_at 2026-04-01T12:55:00Z
8
value 0.32768
scoring_system epss
scoring_elements 0.96875
published_at 2026-04-11T12:55:00Z
9
value 0.32768
scoring_system epss
scoring_elements 0.96855
published_at 2026-04-02T12:55:00Z
10
value 0.32768
scoring_system epss
scoring_elements 0.96858
published_at 2026-04-04T12:55:00Z
11
value 0.32768
scoring_system epss
scoring_elements 0.96862
published_at 2026-04-07T12:55:00Z
12
value 0.32768
scoring_system epss
scoring_elements 0.96872
published_at 2026-04-09T12:55:00Z
13
value 0.32768
scoring_system epss
scoring_elements 0.96922
published_at 2026-05-12T12:55:00Z
14
value 0.32768
scoring_system epss
scoring_elements 0.96915
published_at 2026-05-11T12:55:00Z
15
value 0.32768
scoring_system epss
scoring_elements 0.96913
published_at 2026-05-09T12:55:00Z
16
value 0.32768
scoring_system epss
scoring_elements 0.96907
published_at 2026-05-07T12:55:00Z
17
value 0.32768
scoring_system epss
scoring_elements 0.96903
published_at 2026-05-05T12:55:00Z
18
value 0.32768
scoring_system epss
scoring_elements 0.96897
published_at 2026-04-29T12:55:00Z
19
value 0.32768
scoring_system epss
scoring_elements 0.96894
published_at 2026-04-26T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-12401
3
reference_url https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2019-12401-XML%20Bomb-Apache%20Solr
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2019-12401-XML%20Bomb-Apache%20Solr
4
reference_url https://issues.apache.org/jira/browse/SOLR-13750
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/jira/browse/SOLR-13750
5
reference_url https://lists.apache.org/thread.html/048ae6e4f84a88e8856f766320b48ad91f9fca2c6f621aa2c40088fe@%3Cdev.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/048ae6e4f84a88e8856f766320b48ad91f9fca2c6f621aa2c40088fe@%3Cdev.lucene.apache.org%3E
6
reference_url https://lists.apache.org/thread.html/048ae6e4f84a88e8856f766320b48ad91f9fca2c6f621aa2c40088fe%40%3Cdev.lucene.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/048ae6e4f84a88e8856f766320b48ad91f9fca2c6f621aa2c40088fe%40%3Cdev.lucene.apache.org%3E
7
reference_url https://lists.apache.org/thread.html/0ec231c5ed8d242890e21806d25fdd47f80cc47cac278d2fc1c9c579@%3Cdev.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/0ec231c5ed8d242890e21806d25fdd47f80cc47cac278d2fc1c9c579@%3Cdev.lucene.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/0ec231c5ed8d242890e21806d25fdd47f80cc47cac278d2fc1c9c579%40%3Cdev.lucene.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/0ec231c5ed8d242890e21806d25fdd47f80cc47cac278d2fc1c9c579%40%3Cdev.lucene.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/1c92300643f48f13bc59b15e3f886ba62bae1798c7d4c2e5c1ece09b@%3Cannounce.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/1c92300643f48f13bc59b15e3f886ba62bae1798c7d4c2e5c1ece09b@%3Cannounce.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/1c92300643f48f13bc59b15e3f886ba62bae1798c7d4c2e5c1ece09b%40%3Cannounce.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/1c92300643f48f13bc59b15e3f886ba62bae1798c7d4c2e5c1ece09b%40%3Cannounce.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/521d10a19bfb590f86dff41820ccfb11e92281f233a12c882650931e@%3Cdev.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/521d10a19bfb590f86dff41820ccfb11e92281f233a12c882650931e@%3Cdev.lucene.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/521d10a19bfb590f86dff41820ccfb11e92281f233a12c882650931e%40%3Cdev.lucene.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/521d10a19bfb590f86dff41820ccfb11e92281f233a12c882650931e%40%3Cdev.lucene.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/60a924662ead9aeea74e8ea128d9ca935f8de925aa71b15ab2787d6a@%3Csolr-user.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/60a924662ead9aeea74e8ea128d9ca935f8de925aa71b15ab2787d6a@%3Csolr-user.lucene.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/60a924662ead9aeea74e8ea128d9ca935f8de925aa71b15ab2787d6a%40%3Csolr-user.lucene.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/60a924662ead9aeea74e8ea128d9ca935f8de925aa71b15ab2787d6a%40%3Csolr-user.lucene.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/7ab5e95a1a0b4f35ffe53f1eb0cb74b4348b49d41b72ac155b843fa2@%3Cgeneral.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/7ab5e95a1a0b4f35ffe53f1eb0cb74b4348b49d41b72ac155b843fa2@%3Cgeneral.lucene.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/7ab5e95a1a0b4f35ffe53f1eb0cb74b4348b49d41b72ac155b843fa2%40%3Cgeneral.lucene.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/7ab5e95a1a0b4f35ffe53f1eb0cb74b4348b49d41b72ac155b843fa2%40%3Cgeneral.lucene.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/db8eaca456d03c00a66cbe37548978318d424b9997e3fd7f5c65dffe@%3Cdev.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/db8eaca456d03c00a66cbe37548978318d424b9997e3fd7f5c65dffe@%3Cdev.lucene.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/db8eaca456d03c00a66cbe37548978318d424b9997e3fd7f5c65dffe%40%3Cdev.lucene.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/db8eaca456d03c00a66cbe37548978318d424b9997e3fd7f5c65dffe%40%3Cdev.lucene.apache.org%3E
19
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-12401
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-12401
20
reference_url https://security.netapp.com/advisory/ntap-20190926-0002
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20190926-0002
21
reference_url https://security.netapp.com/advisory/ntap-20190926-0002/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20190926-0002/
22
reference_url http://www.openwall.com/lists/oss-security/2019/09/10/1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2019/09/10/1
23
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1789513
reference_id 1789513
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1789513
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*
25
reference_url https://github.com/advisories/GHSA-jq2w-w7v2-69q5
reference_id GHSA-jq2w-w7v2-69q5
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jq2w-w7v2-69q5
fixed_packages
0
url pkg:maven/org.apache.solr/solr-core@4.0.0-ALPHA
purl pkg:maven/org.apache.solr/solr-core@4.0.0-ALPHA
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3f1v-ypty-mygx
1
vulnerability VCID-3vmh-e7x6-3kf6
2
vulnerability VCID-4dgs-1mk2-5ubr
3
vulnerability VCID-5781-s1ny-q7ey
4
vulnerability VCID-5esr-zs91-zbb5
5
vulnerability VCID-5tq3-rye7-nygg
6
vulnerability VCID-a4yf-9j54-e3cp
7
vulnerability VCID-f12j-fvhp-quec
8
vulnerability VCID-ftx3-494m-hbee
9
vulnerability VCID-h9gm-dpgv-2yeh
10
vulnerability VCID-ke61-vddr-4udk
11
vulnerability VCID-rym5-bjyc-nybu
12
vulnerability VCID-tt7h-4geu-5bc9
13
vulnerability VCID-v5ka-6bd4-33ft
14
vulnerability VCID-vvt2-qyef-3fa6
15
vulnerability VCID-wke8-9ysk-akc2
16
vulnerability VCID-xypj-xu8p-gkbs
17
vulnerability VCID-zrn1-s7ht-pbdt
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@4.0.0-ALPHA
1
url pkg:maven/org.apache.solr/solr-core@5.0.0
purl pkg:maven/org.apache.solr/solr-core@5.0.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3vmh-e7x6-3kf6
1
vulnerability VCID-4dgs-1mk2-5ubr
2
vulnerability VCID-5781-s1ny-q7ey
3
vulnerability VCID-5esr-zs91-zbb5
4
vulnerability VCID-a4yf-9j54-e3cp
5
vulnerability VCID-f12j-fvhp-quec
6
vulnerability VCID-ftx3-494m-hbee
7
vulnerability VCID-h9gm-dpgv-2yeh
8
vulnerability VCID-jugm-3s3r-8kf8
9
vulnerability VCID-ke61-vddr-4udk
10
vulnerability VCID-tt7h-4geu-5bc9
11
vulnerability VCID-v5ka-6bd4-33ft
12
vulnerability VCID-vvt2-qyef-3fa6
13
vulnerability VCID-xypj-xu8p-gkbs
14
vulnerability VCID-z2u5-9szx-vyax
15
vulnerability VCID-zrn1-s7ht-pbdt
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@5.0.0
aliases CVE-2019-12401, GHSA-jq2w-w7v2-69q5
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zfk3-8kt1-gbbw
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@3.1