CVE-2017-1000190

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2017-1000190

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-1000190.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2017-1000190

Aliases

GHSA-f5qf-vh69-9q4r

Downstream

UBUNTU-CVE-2017-1000190

Published

2017-11-17T21:29:00Z

Modified

2025-09-13T16:46:56.633396Z

Severity

9.1 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H CVSS Calculator

Summary

[none]

Details

SimpleXML (latest version 2.7.1) is vulnerable to an XXE vulnerability resulting SSRF, information disclosure, DoS and so on.

References

Affected packages

Debian:11 / simple-xml

Package

Name: simple-xml
Purl: pkg:deb/debian/simple-xml?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.7.1-3

Ecosystem specific

{
    "urgency": "low"
}

Debian:12 / simple-xml

Package

Name: simple-xml
Purl: pkg:deb/debian/simple-xml?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.7.1-3

Ecosystem specific

{
    "urgency": "low"
}

Debian:13 / simple-xml

Package

Name: simple-xml
Purl: pkg:deb/debian/simple-xml?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.7.1-3

Ecosystem specific

{
    "urgency": "low"
}

Debian:14 / simple-xml

Package

Name: simple-xml
Purl: pkg:deb/debian/simple-xml?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.7.1-3

Ecosystem specific

{
    "urgency": "low"
}

Git / github.com/apache/lucene-solr

Affected ranges

Type: GIT
Repo: https://github.com/apache/lucene-solr
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

832bf13dd9187095831caf69783179d41059d013

Affected versions

Other

grafts/lucene-oldest

grafts/lucene-solr-copy

grafts/lucene-solr-oldest-merged

grafts/solr-incubator-latest

grafts/solr-incubator-oldest

grafts/solr-latest

grafts/solr-oldest

history/branches/lucene-solr/LUCENE-5622

history/branches/lucene-solr/LUCENE2793

history/branches/lucene-solr/cleanup2878

history/branches/lucene-solr/docvalues

history/branches/lucene-solr/jira/lucene-5438-nrt-replication

history/branches/lucene-solr/lucene-6835

history/branches/lucene-solr/lucene-6997

history/branches/lucene-solr/lucene2510

history/branches/lucene-solr/lucene2858

history/branches/lucene-solr/lucene3069

history/branches/lucene-solr/lucene3312

history/branches/lucene-solr/lucene3606

history/branches/lucene-solr/lucene3661

history/branches/lucene-solr/lucene3795_lsp_spatial_module

history/branches/lucene-solr/lucene3846

history/branches/lucene-solr/lucene3969

history/branches/lucene-solr/lucene4055

history/branches/lucene-solr/lucene4199

history/branches/lucene-solr/lucene4236

history/branches/lucene-solr/lucene4335

history/branches/lucene-solr/lucene4446

history/branches/lucene-solr/lucene4547

history/branches/lucene-solr/lucene4765

history/branches/lucene-solr/lucene5178

history/branches/lucene-solr/lucene5207

history/branches/lucene-solr/lucene5339

history/branches/lucene-solr/lucene539399

history/branches/lucene-solr/lucene5468

history/branches/lucene-solr/lucene5487

history/branches/lucene-solr/lucene5493

history/branches/lucene-solr/lucene5611

history/branches/lucene-solr/lucene5666

history/branches/lucene-solr/lucene5675

history/branches/lucene-solr/lucene5752

history/branches/lucene-solr/lucene5858

history/branches/lucene-solr/lucene5969

history/branches/lucene-solr/lucene5995

history/branches/lucene-solr/lucene6196

history/branches/lucene-solr/lucene6238

history/branches/lucene-solr/lucene6271

history/branches/lucene-solr/lucene6299

history/branches/lucene-solr/lucene6487

history/branches/lucene-solr/pforcodec_3892

history/branches/lucene-solr/preflexfixes

history/branches/lucene-solr/realtime_search

history/branches/lucene-solr/slowclosing

history/branches/lucene-solr/solr2452

history/branches/lucene-solr/solr3733

history/branches/lucene-solr/solr5914

history/branches/lucene-solr/solr7787

releases/lucene-solr/8.*

releases/lucene-solr/8.4.0

releases/lucene-solr/8.4.1