[SOLR-15529] High security vulnerability in JDOM library bundled within Solr 8.9 CVE-2021-33813 - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Critical
Resolution: Not A Problem
Affects Version/s: 8.9
Fix Version/s: None
Component/s: contrib - Solr Cell (Tika extraction)
Labels:
None

Description

High security vulnerability has been reported in the JDOM library bundled within SOLR 8.9:

CVE-2021-33813

Affected Component(s): JDOM
Vulnerability Published: 2021-06-16 08:15 EDT
Vulnerability Updated: 2021-06-21 18:21 EDT
CVSS Score: 7.5 (overall), 7.5 (base)

Summary: An XXE issue in SAXBuilder in JDOM through 2.0.6 allows attackers to cause a denial of service via a crafted HTTP request.

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: WCM RnD

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 11/Jul/21 14:56

Updated:: 19/Aug/21 13:43

Resolved:: 19/Aug/21 13:43