Oval Definition:	oval:com.ubuntu.trusty:def:20181308000
Revision Date: 2018-04-09 Version: 1 Title: CVE-2018-1308 on Ubuntu 14.04 LTS (trusty) - medium. Description: This vulnerability in Apache Solr 1.2 to 6.6.2 and 7.0.0 to 7.2.1 relates to an XML external entity expansion (XXE) in the `&dataConfig=` parameter of Solr's DataImportHandler. It can be used as XXE using file/ftp/http protocols in order to read arbitrary local files from the Solr server or the internal network. Family: unix Class: vulnerability Status: Reference(s): CVE-2018-1308 Platform(s): Ubuntu 14.04 LTS Product(s): Definition Synopsis Ubuntu 14.04 LTS (trusty) is installed. AND The vulnerability of the 'lucene-solr' package in trusty is not known (status: 'needs-triage'). It is pending evaluation.
BACK