You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@lucene.apache.org by Apache Wiki <wi...@apache.org> on 2019/02/12 23:15:58 UTC

[Solr Wiki] Update of "SolrSecurity" by TomasFernandezLobbe

Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Solr Wiki" for change notification.

The "SolrSecurity" page has been changed by TomasFernandezLobbe:
https://wiki.apache.org/solr/SolrSecurity?action=diff&rev1=59&rev2=60

Comment:
Added CVE-2017-3164

  
  == Security Announcements ==
  
+  * [[http://mail-archives.apache.org/mod_mbox/www-announce/201902.mbox/%3CCAECwjAVjBN%3DwO5rYs6ktAX-5%3D-f5JDFwbbTSM2TTjEbGO5jKKA%40mail.gmail.com%3E|2019-02-12: CVE-2017-3164 SSRF issue in Apache Solr]]
   * [[https://mail-archives.apache.org/mod_mbox/www-announce/201804.mbox/%3C000001d3cf68%245ac69af0%241053d0d0%24%40apache.org%3E|2018-04-08: CVE-2018-1308: XXE attack through DIH's dataConfig request parameter]]
   * 2017-10-26: CVE-2016-6809 – Arbitrary Code Execution Vulnerability in Apache Tika’s MATLAB Parser bundled with Apache Solr
   * [[http://mail-archives.us.apache.org/mod_mbox/www-announce/201710.mbox/%3CCAOOKt51UO_6Vy%3Dj8W%3Dx1pMbLW9VJfZyFWz7pAnXJC_OAdSZubA%40mail.gmail.com%3E|2017-10-18: CVE-2017-12629: Several critical vulnerabilities discovered in Apache Solr (XXE & RCE)]]