Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-3f1v-ypty-mygx

Summary The (1) UpdateRequestHandler for XSLT or (2) XPathEntityProcessor in Apache Solr before 4.1 allows remote attackers to have an unspecified impact via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, different vectors than CVE-2013-6407.

Aliases

alias	CVE-2012-6612

alias	GHSA-6cpj-3g83-q2j4

Fixed_packages

url	pkg:deb/debian/lucene-solr@3.6.2%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/lucene-solr@3.6.2%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/lucene-solr@3.6.2%252Bdfsg-2%3Fdistro=trixie

url pkg:deb/debian/lucene-solr@3.6.2%2Bdfsg-5

purl pkg:deb/debian/lucene-solr@3.6.2%2Bdfsg-5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4dgs-1mk2-5ubr

vulnerability	VCID-ftx3-494m-hbee

vulnerability	VCID-h9gm-dpgv-2yeh

vulnerability	VCID-hpys-9ncu-3bgv

vulnerability	VCID-jc41-ky5q-tkhv

vulnerability	VCID-ke61-vddr-4udk

vulnerability	VCID-qkt3-eevh-ekcr

vulnerability	VCID-rys3-pnnk-a7e4

vulnerability	VCID-t4p6-84y8-kbbu

vulnerability	VCID-tt7h-4geu-5bc9

vulnerability	VCID-v5ka-6bd4-33ft

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/lucene-solr@3.6.2%252Bdfsg-5

url	pkg:deb/debian/lucene-solr@3.6.2%2Bdfsg-24?distro=trixie
purl	pkg:deb/debian/lucene-solr@3.6.2%2Bdfsg-24?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/lucene-solr@3.6.2%252Bdfsg-24%3Fdistro=trixie

url	pkg:deb/debian/lucene-solr@3.6.2%2Bdfsg-26?distro=trixie
purl	pkg:deb/debian/lucene-solr@3.6.2%2Bdfsg-26?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/lucene-solr@3.6.2%252Bdfsg-26%3Fdistro=trixie

url	pkg:deb/debian/lucene-solr@3.6.2%2Bdfsg-27?distro=trixie
purl	pkg:deb/debian/lucene-solr@3.6.2%2Bdfsg-27?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/lucene-solr@3.6.2%252Bdfsg-27%3Fdistro=trixie

url pkg:maven/org.apache.solr/solr-core@4.1.0

purl pkg:maven/org.apache.solr/solr-core@4.1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3vmh-e7x6-3kf6

vulnerability	VCID-4dgs-1mk2-5ubr

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-5esr-zs91-zbb5

vulnerability	VCID-5tq3-rye7-nygg

vulnerability	VCID-a4yf-9j54-e3cp

vulnerability	VCID-f12j-fvhp-quec

vulnerability	VCID-ftx3-494m-hbee

vulnerability	VCID-h9gm-dpgv-2yeh

vulnerability	VCID-ke61-vddr-4udk

vulnerability	VCID-rym5-bjyc-nybu

vulnerability	VCID-tt7h-4geu-5bc9

vulnerability	VCID-v5ka-6bd4-33ft

vulnerability	VCID-vvt2-qyef-3fa6

vulnerability	VCID-wke8-9ysk-akc2

vulnerability	VCID-xypj-xu8p-gkbs

vulnerability	VCID-zfk3-8kt1-gbbw

vulnerability	VCID-zrn1-s7ht-pbdt

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@4.1.0

Affected_packages

url pkg:deb/debian/lucene-solr@3.6.0%2Bdfsg-1%2Bdeb7u1

purl pkg:deb/debian/lucene-solr@3.6.0%2Bdfsg-1%2Bdeb7u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3f1v-ypty-mygx

vulnerability	VCID-4dgs-1mk2-5ubr

vulnerability	VCID-5tq3-rye7-nygg

vulnerability	VCID-ftx3-494m-hbee

vulnerability	VCID-h9gm-dpgv-2yeh

vulnerability	VCID-hpys-9ncu-3bgv

vulnerability	VCID-jc41-ky5q-tkhv

vulnerability	VCID-ke61-vddr-4udk

vulnerability	VCID-qkt3-eevh-ekcr

vulnerability	VCID-rym5-bjyc-nybu

vulnerability	VCID-rys3-pnnk-a7e4

vulnerability	VCID-t4p6-84y8-kbbu

vulnerability	VCID-tt7h-4geu-5bc9

vulnerability	VCID-v5ka-6bd4-33ft

vulnerability	VCID-wke8-9ysk-akc2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/lucene-solr@3.6.0%252Bdfsg-1%252Bdeb7u1

url pkg:maven/org.apache.solr/solr-core@1.3.0

purl pkg:maven/org.apache.solr/solr-core@1.3.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3f1v-ypty-mygx

vulnerability	VCID-3vmh-e7x6-3kf6

vulnerability	VCID-4dgs-1mk2-5ubr

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-5esr-zs91-zbb5

vulnerability	VCID-5tq3-rye7-nygg

vulnerability	VCID-a4yf-9j54-e3cp

vulnerability	VCID-f12j-fvhp-quec

vulnerability	VCID-ftx3-494m-hbee

vulnerability	VCID-h9gm-dpgv-2yeh

vulnerability	VCID-ke61-vddr-4udk

vulnerability	VCID-rym5-bjyc-nybu

vulnerability	VCID-tt7h-4geu-5bc9

vulnerability	VCID-v5ka-6bd4-33ft

vulnerability	VCID-vvt2-qyef-3fa6

vulnerability	VCID-wke8-9ysk-akc2

vulnerability	VCID-xypj-xu8p-gkbs

vulnerability	VCID-zfk3-8kt1-gbbw

vulnerability	VCID-zrn1-s7ht-pbdt

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@1.3.0

url pkg:maven/org.apache.solr/solr-core@1.4.0

purl pkg:maven/org.apache.solr/solr-core@1.4.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3f1v-ypty-mygx

vulnerability	VCID-3vmh-e7x6-3kf6

vulnerability	VCID-4dgs-1mk2-5ubr

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-5esr-zs91-zbb5

vulnerability	VCID-5tq3-rye7-nygg

vulnerability	VCID-a4yf-9j54-e3cp

vulnerability	VCID-f12j-fvhp-quec

vulnerability	VCID-ftx3-494m-hbee

vulnerability	VCID-h9gm-dpgv-2yeh

vulnerability	VCID-ke61-vddr-4udk

vulnerability	VCID-rym5-bjyc-nybu

vulnerability	VCID-tt7h-4geu-5bc9

vulnerability	VCID-v5ka-6bd4-33ft

vulnerability	VCID-vvt2-qyef-3fa6

vulnerability	VCID-wke8-9ysk-akc2

vulnerability	VCID-xypj-xu8p-gkbs

vulnerability	VCID-zfk3-8kt1-gbbw

vulnerability	VCID-zrn1-s7ht-pbdt

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@1.4.0

url pkg:maven/org.apache.solr/solr-core@1.4.1

purl pkg:maven/org.apache.solr/solr-core@1.4.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3f1v-ypty-mygx

vulnerability	VCID-3vmh-e7x6-3kf6

vulnerability	VCID-4dgs-1mk2-5ubr

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-5esr-zs91-zbb5

vulnerability	VCID-5tq3-rye7-nygg

vulnerability	VCID-a4yf-9j54-e3cp

vulnerability	VCID-f12j-fvhp-quec

vulnerability	VCID-ftx3-494m-hbee

vulnerability	VCID-h9gm-dpgv-2yeh

vulnerability	VCID-ke61-vddr-4udk

vulnerability	VCID-rym5-bjyc-nybu

vulnerability	VCID-tt7h-4geu-5bc9

vulnerability	VCID-v5ka-6bd4-33ft

vulnerability	VCID-vvt2-qyef-3fa6

vulnerability	VCID-wke8-9ysk-akc2

vulnerability	VCID-xypj-xu8p-gkbs

vulnerability	VCID-zfk3-8kt1-gbbw

vulnerability	VCID-zrn1-s7ht-pbdt

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@1.4.1

url pkg:maven/org.apache.solr/solr-core@3.1.0

purl pkg:maven/org.apache.solr/solr-core@3.1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3f1v-ypty-mygx

vulnerability	VCID-3vmh-e7x6-3kf6

vulnerability	VCID-4dgs-1mk2-5ubr

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-5esr-zs91-zbb5

vulnerability	VCID-5tq3-rye7-nygg

vulnerability	VCID-a4yf-9j54-e3cp

vulnerability	VCID-f12j-fvhp-quec

vulnerability	VCID-ftx3-494m-hbee

vulnerability	VCID-h9gm-dpgv-2yeh

vulnerability	VCID-ke61-vddr-4udk

vulnerability	VCID-rym5-bjyc-nybu

vulnerability	VCID-tt7h-4geu-5bc9

vulnerability	VCID-v5ka-6bd4-33ft

vulnerability	VCID-vvt2-qyef-3fa6

vulnerability	VCID-wke8-9ysk-akc2

vulnerability	VCID-xypj-xu8p-gkbs

vulnerability	VCID-zfk3-8kt1-gbbw

vulnerability	VCID-zrn1-s7ht-pbdt

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@3.1.0

url pkg:maven/org.apache.solr/solr-core@3.2.0

purl pkg:maven/org.apache.solr/solr-core@3.2.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3f1v-ypty-mygx

vulnerability	VCID-3vmh-e7x6-3kf6

vulnerability	VCID-4dgs-1mk2-5ubr

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-5esr-zs91-zbb5

vulnerability	VCID-5tq3-rye7-nygg

vulnerability	VCID-a4yf-9j54-e3cp

vulnerability	VCID-f12j-fvhp-quec

vulnerability	VCID-ftx3-494m-hbee

vulnerability	VCID-h9gm-dpgv-2yeh

vulnerability	VCID-ke61-vddr-4udk

vulnerability	VCID-rym5-bjyc-nybu

vulnerability	VCID-tt7h-4geu-5bc9

vulnerability	VCID-v5ka-6bd4-33ft

vulnerability	VCID-vvt2-qyef-3fa6

vulnerability	VCID-wke8-9ysk-akc2

vulnerability	VCID-xypj-xu8p-gkbs

vulnerability	VCID-zfk3-8kt1-gbbw

vulnerability	VCID-zrn1-s7ht-pbdt

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@3.2.0

url pkg:maven/org.apache.solr/solr-core@3.3.0

purl pkg:maven/org.apache.solr/solr-core@3.3.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3f1v-ypty-mygx

vulnerability	VCID-3vmh-e7x6-3kf6

vulnerability	VCID-4dgs-1mk2-5ubr

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-5esr-zs91-zbb5

vulnerability	VCID-5tq3-rye7-nygg

vulnerability	VCID-a4yf-9j54-e3cp

vulnerability	VCID-f12j-fvhp-quec

vulnerability	VCID-ftx3-494m-hbee

vulnerability	VCID-h9gm-dpgv-2yeh

vulnerability	VCID-ke61-vddr-4udk

vulnerability	VCID-rym5-bjyc-nybu

vulnerability	VCID-tt7h-4geu-5bc9

vulnerability	VCID-v5ka-6bd4-33ft

vulnerability	VCID-vvt2-qyef-3fa6

vulnerability	VCID-wke8-9ysk-akc2

vulnerability	VCID-xypj-xu8p-gkbs

vulnerability	VCID-zfk3-8kt1-gbbw

vulnerability	VCID-zrn1-s7ht-pbdt

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@3.3.0

url pkg:maven/org.apache.solr/solr-core@3.4.0

purl pkg:maven/org.apache.solr/solr-core@3.4.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3f1v-ypty-mygx

vulnerability	VCID-3vmh-e7x6-3kf6

vulnerability	VCID-4dgs-1mk2-5ubr

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-5esr-zs91-zbb5

vulnerability	VCID-5tq3-rye7-nygg

vulnerability	VCID-a4yf-9j54-e3cp

vulnerability	VCID-f12j-fvhp-quec

vulnerability	VCID-ftx3-494m-hbee

vulnerability	VCID-h9gm-dpgv-2yeh

vulnerability	VCID-ke61-vddr-4udk

vulnerability	VCID-rym5-bjyc-nybu

vulnerability	VCID-tt7h-4geu-5bc9

vulnerability	VCID-v5ka-6bd4-33ft

vulnerability	VCID-vvt2-qyef-3fa6

vulnerability	VCID-wke8-9ysk-akc2

vulnerability	VCID-xypj-xu8p-gkbs

vulnerability	VCID-zfk3-8kt1-gbbw

vulnerability	VCID-zrn1-s7ht-pbdt

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@3.4.0

url pkg:maven/org.apache.solr/solr-core@3.5.0

purl pkg:maven/org.apache.solr/solr-core@3.5.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3f1v-ypty-mygx

vulnerability	VCID-3vmh-e7x6-3kf6

vulnerability	VCID-4dgs-1mk2-5ubr

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-5esr-zs91-zbb5

vulnerability	VCID-5tq3-rye7-nygg

vulnerability	VCID-a4yf-9j54-e3cp

vulnerability	VCID-f12j-fvhp-quec

vulnerability	VCID-ftx3-494m-hbee

vulnerability	VCID-h9gm-dpgv-2yeh

vulnerability	VCID-ke61-vddr-4udk

vulnerability	VCID-rym5-bjyc-nybu

vulnerability	VCID-tt7h-4geu-5bc9

vulnerability	VCID-v5ka-6bd4-33ft

vulnerability	VCID-vvt2-qyef-3fa6

vulnerability	VCID-wke8-9ysk-akc2

vulnerability	VCID-xypj-xu8p-gkbs

vulnerability	VCID-zfk3-8kt1-gbbw

vulnerability	VCID-zrn1-s7ht-pbdt

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@3.5.0

url pkg:maven/org.apache.solr/solr-core@3.6.0

purl pkg:maven/org.apache.solr/solr-core@3.6.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3f1v-ypty-mygx

vulnerability	VCID-3vmh-e7x6-3kf6

vulnerability	VCID-4dgs-1mk2-5ubr

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-5esr-zs91-zbb5

vulnerability	VCID-5tq3-rye7-nygg

vulnerability	VCID-a4yf-9j54-e3cp

vulnerability	VCID-f12j-fvhp-quec

vulnerability	VCID-ftx3-494m-hbee

vulnerability	VCID-h9gm-dpgv-2yeh

vulnerability	VCID-ke61-vddr-4udk

vulnerability	VCID-rym5-bjyc-nybu

vulnerability	VCID-tt7h-4geu-5bc9

vulnerability	VCID-v5ka-6bd4-33ft

vulnerability	VCID-vvt2-qyef-3fa6

vulnerability	VCID-wke8-9ysk-akc2

vulnerability	VCID-xypj-xu8p-gkbs

vulnerability	VCID-zfk3-8kt1-gbbw

vulnerability	VCID-zrn1-s7ht-pbdt

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@3.6.0

url pkg:maven/org.apache.solr/solr-core@3.6.1

purl pkg:maven/org.apache.solr/solr-core@3.6.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3f1v-ypty-mygx

vulnerability	VCID-3vmh-e7x6-3kf6

vulnerability	VCID-4dgs-1mk2-5ubr

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-5esr-zs91-zbb5

vulnerability	VCID-5tq3-rye7-nygg

vulnerability	VCID-a4yf-9j54-e3cp

vulnerability	VCID-f12j-fvhp-quec

vulnerability	VCID-ftx3-494m-hbee

vulnerability	VCID-h9gm-dpgv-2yeh

vulnerability	VCID-ke61-vddr-4udk

vulnerability	VCID-rym5-bjyc-nybu

vulnerability	VCID-tt7h-4geu-5bc9

vulnerability	VCID-v5ka-6bd4-33ft

vulnerability	VCID-vvt2-qyef-3fa6

vulnerability	VCID-wke8-9ysk-akc2

vulnerability	VCID-xypj-xu8p-gkbs

vulnerability	VCID-zfk3-8kt1-gbbw

vulnerability	VCID-zrn1-s7ht-pbdt

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@3.6.1

url pkg:maven/org.apache.solr/solr-core@3.6.2

purl pkg:maven/org.apache.solr/solr-core@3.6.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3f1v-ypty-mygx

vulnerability	VCID-3vmh-e7x6-3kf6

vulnerability	VCID-4dgs-1mk2-5ubr

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-5esr-zs91-zbb5

vulnerability	VCID-5tq3-rye7-nygg

vulnerability	VCID-a4yf-9j54-e3cp

vulnerability	VCID-f12j-fvhp-quec

vulnerability	VCID-ftx3-494m-hbee

vulnerability	VCID-h9gm-dpgv-2yeh

vulnerability	VCID-ke61-vddr-4udk

vulnerability	VCID-rym5-bjyc-nybu

vulnerability	VCID-tt7h-4geu-5bc9

vulnerability	VCID-v5ka-6bd4-33ft

vulnerability	VCID-vvt2-qyef-3fa6

vulnerability	VCID-wke8-9ysk-akc2

vulnerability	VCID-xypj-xu8p-gkbs

vulnerability	VCID-zfk3-8kt1-gbbw

vulnerability	VCID-zrn1-s7ht-pbdt

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@3.6.2

url pkg:maven/org.apache.solr/solr-core@4.0.0-ALPHA

purl pkg:maven/org.apache.solr/solr-core@4.0.0-ALPHA

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3f1v-ypty-mygx

vulnerability	VCID-3vmh-e7x6-3kf6

vulnerability	VCID-4dgs-1mk2-5ubr

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-5esr-zs91-zbb5

vulnerability	VCID-5tq3-rye7-nygg

vulnerability	VCID-a4yf-9j54-e3cp

vulnerability	VCID-f12j-fvhp-quec

vulnerability	VCID-ftx3-494m-hbee

vulnerability	VCID-h9gm-dpgv-2yeh

vulnerability	VCID-ke61-vddr-4udk

vulnerability	VCID-rym5-bjyc-nybu

vulnerability	VCID-tt7h-4geu-5bc9

vulnerability	VCID-v5ka-6bd4-33ft

vulnerability	VCID-vvt2-qyef-3fa6

vulnerability	VCID-wke8-9ysk-akc2

vulnerability	VCID-xypj-xu8p-gkbs

vulnerability	VCID-zrn1-s7ht-pbdt

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@4.0.0-ALPHA

url pkg:maven/org.apache.solr/solr-core@4.0.0-BETA

purl pkg:maven/org.apache.solr/solr-core@4.0.0-BETA

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3f1v-ypty-mygx

vulnerability	VCID-3vmh-e7x6-3kf6

vulnerability	VCID-4dgs-1mk2-5ubr

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-5esr-zs91-zbb5

vulnerability	VCID-5tq3-rye7-nygg

vulnerability	VCID-a4yf-9j54-e3cp

vulnerability	VCID-f12j-fvhp-quec

vulnerability	VCID-ftx3-494m-hbee

vulnerability	VCID-h9gm-dpgv-2yeh

vulnerability	VCID-ke61-vddr-4udk

vulnerability	VCID-rym5-bjyc-nybu

vulnerability	VCID-tt7h-4geu-5bc9

vulnerability	VCID-v5ka-6bd4-33ft

vulnerability	VCID-vvt2-qyef-3fa6

vulnerability	VCID-wke8-9ysk-akc2

vulnerability	VCID-xypj-xu8p-gkbs

vulnerability	VCID-zrn1-s7ht-pbdt

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@4.0.0-BETA

url pkg:maven/org.apache.solr/solr-core@4.0.0

purl pkg:maven/org.apache.solr/solr-core@4.0.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3f1v-ypty-mygx

vulnerability	VCID-3vmh-e7x6-3kf6

vulnerability	VCID-4dgs-1mk2-5ubr

vulnerability	VCID-5781-s1ny-q7ey

vulnerability	VCID-5esr-zs91-zbb5

vulnerability	VCID-5tq3-rye7-nygg

vulnerability	VCID-a4yf-9j54-e3cp

vulnerability	VCID-f12j-fvhp-quec

vulnerability	VCID-ftx3-494m-hbee

vulnerability	VCID-h9gm-dpgv-2yeh

vulnerability	VCID-ke61-vddr-4udk

vulnerability	VCID-rym5-bjyc-nybu

vulnerability	VCID-tt7h-4geu-5bc9

vulnerability	VCID-v5ka-6bd4-33ft

vulnerability	VCID-vvt2-qyef-3fa6

vulnerability	VCID-wke8-9ysk-akc2

vulnerability	VCID-xypj-xu8p-gkbs

vulnerability	VCID-zfk3-8kt1-gbbw

vulnerability	VCID-zrn1-s7ht-pbdt

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@4.0.0

References

reference_url

http://rhn.redhat.com/errata/RHSA-2013-1844.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://rhn.redhat.com/errata/RHSA-2013-1844.html

reference_url

http://rhn.redhat.com/errata/RHSA-2014-0029.html

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://rhn.redhat.com/errata/RHSA-2014-0029.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6612.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6612.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-6612

reference_id

reference_type

scores

value	0.01357
scoring_system	epss
scoring_elements	0.80317
published_at	2026-05-14T12:55:00Z

value	0.01357
scoring_system	epss
scoring_elements	0.80197
published_at	2026-04-26T12:55:00Z

value	0.01357
scoring_system	epss
scoring_elements	0.80211
published_at	2026-04-29T12:55:00Z

value	0.01357
scoring_system	epss
scoring_elements	0.80225
published_at	2026-05-05T12:55:00Z

value	0.01357
scoring_system	epss
scoring_elements	0.80247
published_at	2026-05-07T12:55:00Z

value	0.01357
scoring_system	epss
scoring_elements	0.80262
published_at	2026-05-09T12:55:00Z

value	0.01357
scoring_system	epss
scoring_elements	0.80258
published_at	2026-05-11T12:55:00Z

value	0.01357
scoring_system	epss
scoring_elements	0.80275
published_at	2026-05-12T12:55:00Z

value	0.01357
scoring_system	epss
scoring_elements	0.80082
published_at	2026-04-01T12:55:00Z

value	0.01357
scoring_system	epss
scoring_elements	0.80089
published_at	2026-04-02T12:55:00Z

value	0.01357
scoring_system	epss
scoring_elements	0.8011
published_at	2026-04-04T12:55:00Z

value	0.01357
scoring_system	epss
scoring_elements	0.80098
published_at	2026-04-07T12:55:00Z

value	0.01357
scoring_system	epss
scoring_elements	0.80127
published_at	2026-04-08T12:55:00Z

value	0.01357
scoring_system	epss
scoring_elements	0.80134
published_at	2026-04-09T12:55:00Z

value	0.01357
scoring_system	epss
scoring_elements	0.80152
published_at	2026-04-11T12:55:00Z

value	0.01357
scoring_system	epss
scoring_elements	0.80137
published_at	2026-04-12T12:55:00Z

value	0.01357
scoring_system	epss
scoring_elements	0.80129
published_at	2026-04-13T12:55:00Z

value	0.01357
scoring_system	epss
scoring_elements	0.80159
published_at	2026-04-18T12:55:00Z

value	0.01357
scoring_system	epss
scoring_elements	0.80162
published_at	2026-04-21T12:55:00Z

value	0.01357
scoring_system	epss
scoring_elements	0.8019
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-6612

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6612
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6612

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6397
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6397

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6407
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6407

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6408
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6408

reference_url

https://github.com/apache/lucene-solr

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/lucene-solr

reference_url

https://github.com/apache/lucene-solr/commit/0d21b900975b7048d2e925d852aeacb9bdc6766c

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/lucene-solr/commit/0d21b900975b7048d2e925d852aeacb9bdc6766c

reference_url

https://github.com/apache/lucene-solr/commit/f230486ce6707762c1a6e81655d0fac52887906d

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/lucene-solr/commit/f230486ce6707762c1a6e81655d0fac52887906d

reference_url

https://issues.apache.org/jira/browse/SOLR-3895

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://issues.apache.org/jira/browse/SOLR-3895

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2012-6612

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2012-6612

reference_url

http://svn.apache.org/viewvc/lucene/dev/branches/branch_4x/solr/CHANGES.txt?view=markup

reference_id

reference_type

scores

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://svn.apache.org/viewvc/lucene/dev/branches/branch_4x/solr/CHANGES.txt?view=markup

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1035981
reference_id	1035981
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1035981

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=731113
reference_id	731113
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=731113

reference_url

https://github.com/advisories/GHSA-6cpj-3g83-q2j4

reference_id

GHSA-6cpj-3g83-q2j4

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-6cpj-3g83-q2j4

reference_url	https://access.redhat.com/errata/RHSA-2013:1844
reference_id	RHSA-2013:1844
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:1844

reference_url	https://access.redhat.com/errata/RHSA-2014:0029
reference_id	RHSA-2014:0029
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:0029

Weaknesses

cwe_id	611
name	Improper Restriction of XML External Entity Reference
description	The product processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.

cwe_id	1035
name	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.

cwe_id	937
name	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.

Exploits

Severity_range_score 7.0 - 8.9

Exploitability 0.5

Weighted_severity 8.0

Risk_score 4.0

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3f1v-ypty-mygx

Vulnerability Instance