Uploaded image for project: 'OFBiz'
  1. OFBiz
  2. OFBIZ-1525 Issue to group security concerns
  3. OFBIZ-12316

The Solr version included in OFBiz has an SSRF vulnerability (CVE-2021-27905)

    XMLWordPrintableJSON

Details

    • Sub-task
    • Status: Closed
    • Major
    • Resolution: Fixed
    • Trunk
    • Release Branch 17.12, 18.12.01
    • solr
    • None
    • Bug Crush Event - 21/2/2015

    Description

      This security issue was reported to the security team by weinull orz <weinull@outlook.com> As he suggested the solution is to update Solr to its last version. We did not create a CVE as it's actually a Solr issue and Solr has already created (CVE-2021-27905)

      Attachments

        Activity

          People

            jleroux Jacques Le Roux
            jleroux Jacques Le Roux
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: