Search for packages
Package details: pkg:maven/org.apache.solr/solr-velocity@4.0.0-BETA
purl pkg:maven/org.apache.solr/solr-velocity@4.0.0-BETA
Next non-vulnerable version 4.6.0
Latest non-vulnerable version 4.6.0
Risk 10.0
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-snxv-kdyk-aaap
Aliases:
CVE-2013-6397
GHSA-j8qw-mwmv-28cg
Directory traversal when loading XSL stylesheets and Velocity templates Directory traversal vulnerability in SolrResourceLoader in this package allows remote attackers to read arbitrary files via a `..` (dot dot) or full pathname in the tr parameter to solr/select/, when the response writer (wt parameter) is set to XSLT. NOTE: this can be leveraged using a separate XXE (XML eXternal Entity) vulnerability to allow access to files across restricted network boundaries.
4.6.0
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-20T13:46:14.215309+00:00 GitLab Importer Affected by VCID-snxv-kdyk-aaap None 36.1.3
2025-06-20T13:46:13.342493+00:00 GitLab Importer Affected by VCID-snxv-kdyk-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-velocity/CVE-2013-6397.yml 36.1.3
2025-06-03T20:37:10.086615+00:00 GitLab Importer Affected by VCID-snxv-kdyk-aaap None 36.1.0
2025-06-03T20:37:09.314346+00:00 GitLab Importer Affected by VCID-snxv-kdyk-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-velocity/CVE-2013-6397.yml 36.1.0
2025-06-02T20:16:24.482045+00:00 GitLab Importer Affected by VCID-snxv-kdyk-aaap None 36.1.2
2025-06-02T20:16:22.885814+00:00 GitLab Importer Affected by VCID-snxv-kdyk-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-velocity/CVE-2013-6397.yml 36.1.2
2025-04-03T16:24:26.222082+00:00 GitLab Importer Affected by VCID-snxv-kdyk-aaap None 36.0.0
2025-04-03T16:24:23.635233+00:00 GitLab Importer Affected by VCID-snxv-kdyk-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-velocity/CVE-2013-6397.yml 36.0.0
2025-02-17T22:19:05.689014+00:00 GitLab Importer Affected by VCID-snxv-kdyk-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-velocity/CVE-2013-6397.yml 35.1.0
2025-02-17T22:19:05.549661+00:00 GitLab Importer Affected by VCID-snxv-kdyk-aaap None 35.1.0
2024-11-20T21:53:30.146558+00:00 GitLab Importer Affected by VCID-snxv-kdyk-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-velocity/CVE-2013-6397.yml 35.0.0
2024-11-18T21:50:54.248086+00:00 GitLab Importer Affected by VCID-snxv-kdyk-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-velocity/CVE-2013-6397.yml 34.3.2
2024-10-07T22:50:25.014157+00:00 GitLab Importer Affected by VCID-snxv-kdyk-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-velocity/CVE-2013-6397.yml 34.0.2
2024-09-22T23:06:02.628233+00:00 GitLab Importer Affected by VCID-snxv-kdyk-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-velocity/CVE-2013-6397.yml 34.0.1
2024-04-24T00:57:09.384896+00:00 GitLab Importer Affected by VCID-snxv-kdyk-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-velocity/CVE-2013-6397.yml 34.0.0rc4
2024-04-24T00:57:09.216756+00:00 GitLab Importer Affected by VCID-snxv-kdyk-aaap None 34.0.0rc4
2024-01-10T03:21:15.247566+00:00 GitLab Importer Affected by VCID-snxv-kdyk-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-velocity/CVE-2013-6397.yml 34.0.0rc2
2024-01-10T03:21:15.077038+00:00 GitLab Importer Affected by VCID-snxv-kdyk-aaap None 34.0.0rc2
2024-01-03T19:58:31.650153+00:00 GitLab Importer Affected by VCID-snxv-kdyk-aaap https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-velocity/CVE-2013-6397.yml 34.0.0rc1
2024-01-03T19:58:31.479202+00:00 GitLab Importer Affected by VCID-snxv-kdyk-aaap None 34.0.0rc1