{"containers":{"cna":{"affected":[{"product":"Apache Solr","vendor":"n/a","versions":[{"status":"affected","version":"Apache Solr 6.6.0 to 6.6.6, 7.0.0 to 7.7.3, 8.0.0 to 8.6.2"}]}],"descriptions":[{"lang":"en","value":"Apache Solr versions 6.6.0 to 6.6.6, 7.0.0 to 7.7.3 and 8.0.0 to 8.6.2 prevents some features considered dangerous (which could be used for remote code execution) to be configured in a ConfigSet that's uploaded via API without authentication/authorization. The checks in place to prevent such features can be circumvented by using a combination of UPLOAD/CREATE actions."}],"problemTypes":[{"descriptions":[{"description":"Remote Code Execution","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2021-03-25T00:06:20.000Z","orgId":"f0158376-9dc2-43b6-827c-5f631a4d8d09","shortName":"apache"},"references":[{"tags":["x_refsource_MISC"],"url":"https://mail-archives.us.apache.org/mod_mbox/www-announce/202010.mbox/%3CCAECwjAWCVLoVaZy%3DTNRQ6Wk9KWVxdPRiGS8NT%2BPHMJCxbbsEVg%40mail.gmail.com%3E"},{"name":"[lucene-issues] 20201013 [jira] [Updated] (SOLR-14925) CVE-2020-13957: The checks added to unauthenticated configset uploads can be circumvented","tags":["mailing-list","x_refsource_MLIST"],"url":"https://lists.apache.org/thread.html/r226c1112bb41e7cd427862d875eff9877a20a40242c2542f4dd39e4a%40%3Cissues.lucene.apache.org%3E"},{"name":"[lucene-issues] 20201019 [GitHub] [lucene-site] tflobbe opened a new pull request #31: Add CVE-2020-13957 page","tags":["mailing-list","x_refsource_MLIST"],"url":"https://lists.apache.org/thread.html/r4ca8ba5980d9049cf3707798aa3116ee76c1582f171ff452ad2ca75e%40%3Cissues.lucene.apache.org%3E"},{"tags":["x_refsource_CONFIRM"],"url":"https://security.netapp.com/advisory/ntap-20201023-0002/"},{"name":"[lucene-issues] 20201029 [jira] [Commented] (SOLR-14925) CVE-2020-13957: The checks added to unauthenticated configset uploads can be circumvented","tags":["mailing-list","x_refsource_MLIST"],"url":"https://lists.apache.org/thread.html/r8b1782d42d0a4ce573495d5d9345ad328d652c68c411ccdb245c57e3%40%3Cissues.lucene.apache.org%3E"},{"name":"[lucene-commits] 20201030 [lucene-site] branch master updated: Add CVE-2020-13957 page (#31)","tags":["mailing-list","x_refsource_MLIST"],"url":"https://lists.apache.org/thread.html/r1c783d3d81ba62f3381a17a4d6c826f7dead3a132ba42349c90df075%40%3Ccommits.lucene.apache.org%3E"},{"name":"[lucene-issues] 20201030 [GitHub] [lucene-site] tflobbe merged pull request #31: Add CVE-2020-13957 page","tags":["mailing-list","x_refsource_MLIST"],"url":"https://lists.apache.org/thread.html/r7512ae552cd9d14ab8b1bc0a7e95f2ec52ae85364f068d4034398ede%40%3Cissues.lucene.apache.org%3E"},{"name":"[lucene-commits] 20201030 [lucene-site] 02/02: Add CVE-2020-13957 page (#31)","tags":["mailing-list","x_refsource_MLIST"],"url":"https://lists.apache.org/thread.html/r9d7356f209ee30d702b6a921c866564eb2e291b126640c7ab70feea7%40%3Ccommits.lucene.apache.org%3E"},{"name":"[lucene-issues] 20201030 [GitHub] [lucene-site] tflobbe opened a new pull request #32: Publish: Add CVE-2020-13957 page (#31)","tags":["mailing-list","x_refsource_MLIST"],"url":"https://lists.apache.org/thread.html/r5557641fcf5cfd99260a7037cfbc8788fb546b72c98a900570edaa2e%40%3Cissues.lucene.apache.org%3E"},{"name":"[lucene-issues] 20201030 [GitHub] [lucene-site] tflobbe commented on pull request #32: Publish: Add CVE-2020-13957 page (#31)","tags":["mailing-list","x_refsource_MLIST"],"url":"https://lists.apache.org/thread.html/r3d1e24a73e6bffa1d6534e1f34c8f5cbd9999495e7d933640f4fa0ed%40%3Cissues.lucene.apache.org%3E"},{"name":"[lucene-issues] 20201030 [GitHub] [lucene-site] tflobbe closed pull request #32: Publish: Add CVE-2020-13957 page (#31)","tags":["mailing-list","x_refsource_MLIST"],"url":"https://lists.apache.org/thread.html/r13a728994c60be5b5a7049282b5c926dac1fc6a9a0b2362f6adfa573%40%3Cissues.lucene.apache.org%3E"},{"name":"[lucene-issues] 20201102 [jira] [Commented] (SOLR-14925) CVE-2020-13957: The checks added to unauthenticated configset uploads can be circumvented","tags":["mailing-list","x_refsource_MLIST"],"url":"https://lists.apache.org/thread.html/r2f8d33a4de07db9459fb2a98a1cd39747066137636b53f84a13e5628%40%3Cissues.lucene.apache.org%3E"},{"name":"[lucene-issues] 20201102 [jira] [Updated] (SOLR-14925) CVE-2020-13957: The checks added to unauthenticated configset uploads can be circumvented","tags":["mailing-list","x_refsource_MLIST"],"url":"https://lists.apache.org/thread.html/r853fdc6d0b91d5e01a26c7bd5becb044ad775a231703d634ca5d55c9%40%3Cissues.lucene.apache.org%3E"},{"name":"[bigtop-dev] 20210221 [jira] [Created] (BIGTOP-3507) Solr: CVE-2020-13957 mitigation backport","tags":["mailing-list","x_refsource_MLIST"],"url":"https://lists.apache.org/thread.html/r2236fdf99ac3efbfc36c2df96d3a88f822baa6f45e13fec7ff558e34%40%3Cdev.bigtop.apache.org%3E"},{"name":"[bigtop-issues] 20210221 [jira] [Created] (BIGTOP-3507) Solr: CVE-2020-13957 mitigation backport","tags":["mailing-list","x_refsource_MLIST"],"url":"https://lists.apache.org/thread.html/r999f828e6e37d9e825e207471cbfd2681c3befcd7f3abd59ed87c0d5%40%3Cissues.bigtop.apache.org%3E"},{"name":"[bigtop-issues] 20210222 [jira] [Assigned] (BIGTOP-3507) Solr: CVE-2020-13957 mitigation backport","tags":["mailing-list","x_refsource_MLIST"],"url":"https://lists.apache.org/thread.html/rb1de6ba50a468e9baff32a249edaa08f6bcec7dd7cc208e25e6b48c8%40%3Cissues.bigtop.apache.org%3E"},{"name":"[bigtop-dev] 20210225 [GitHub] [bigtop] JunHe77 opened a new pull request #743: BIGTOP-3507: CVE-2020-13957 mitigation backport","tags":["mailing-list","x_refsource_MLIST"],"url":"https://lists.apache.org/thread.html/rf1a32f00017e83ff29a74be2de02e28e4302dddb5f14c624e297a8c0%40%3Cdev.bigtop.apache.org%3E"},{"name":"[bigtop-dev] 20210301 [GitHub] [bigtop] iwasakims merged pull request #743: BIGTOP-3507: CVE-2020-13957 mitigation backport","tags":["mailing-list","x_refsource_MLIST"],"url":"https://lists.apache.org/thread.html/r2a6600fe9afd502c04d26fd112823ec3f3c3ad1b4a289d10567a78a0%40%3Cdev.bigtop.apache.org%3E"},{"name":"[bigtop-issues] 20210301 [jira] [Resolved] (BIGTOP-3507) Solr: CVE-2020-13957 mitigation backport","tags":["mailing-list","x_refsource_MLIST"],"url":"https://lists.apache.org/thread.html/r3da9895cea476bcee2557531bebd4e8f6f367dc3ea900a65e2f51cd8%40%3Cissues.bigtop.apache.org%3E"},{"name":"[bigtop-commits] 20210301 [bigtop] branch master updated: BIGTOP-3507: CVE-2020-13957 mitigation backport (#743)","tags":["mailing-list","x_refsource_MLIST"],"url":"https://lists.apache.org/thread.html/rb2f1c7fd3d3ea719dfac4706a80e6affddecae8663dda04e1335347f%40%3Ccommits.bigtop.apache.org%3E"},{"name":"[bigtop-dev] 20210301 [GitHub] [bigtop] JunHe77 commented on pull request #743: BIGTOP-3507: CVE-2020-13957 mitigation backport","tags":["mailing-list","x_refsource_MLIST"],"url":"https://lists.apache.org/thread.html/r622a043c2890327f8a4aea16b131e8a7137a282a004614369fceb224%40%3Cdev.bigtop.apache.org%3E"},{"name":"[druid-commits] 20210324 [GitHub] [druid] jihoonson opened a new pull request #11030: Suppress cves","tags":["mailing-list","x_refsource_MLIST"],"url":"https://lists.apache.org/thread.html/r1d4a247329a8478073163567bbc8c8cb6b49c6bfc2bf58153a857af1%40%3Ccommits.druid.apache.org%3E"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"security@apache.org","ID":"CVE-2020-13957","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"Apache Solr","version":{"version_data":[{"version_value":"Apache Solr 6.6.0 to 6.6.6, 7.0.0 to 7.7.3, 8.0.0 to 8.6.2"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Apache Solr versions 6.6.0 to 6.6.6, 7.0.0 to 7.7.3 and 8.0.0 to 8.6.2 prevents some features considered dangerous (which could be used for remote code execution) to be configured in a ConfigSet that's uploaded via API without authentication/authorization. The checks in place to prevent such features can be circumvented by using a combination of UPLOAD/CREATE actions."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Remote Code Execution"}]}]},"references":{"reference_data":[{"name":"https://mail-archives.us.apache.org/mod_mbox/www-announce/202010.mbox/%3CCAECwjAWCVLoVaZy%3DTNRQ6Wk9KWVxdPRiGS8NT%2BPHMJCxbbsEVg%40mail.gmail.com%3E","refsource":"MISC","url":"https://mail-archives.us.apache.org/mod_mbox/www-announce/202010.mbox/%3CCAECwjAWCVLoVaZy%3DTNRQ6Wk9KWVxdPRiGS8NT%2BPHMJCxbbsEVg%40mail.gmail.com%3E"},{"name":"[lucene-issues] 20201013 [jira] [Updated] (SOLR-14925) CVE-2020-13957: The checks added to unauthenticated configset uploads can be circumvented","refsource":"MLIST","url":"https://lists.apache.org/thread.html/r226c1112bb41e7cd427862d875eff9877a20a40242c2542f4dd39e4a@%3Cissues.lucene.apache.org%3E"},{"name":"[lucene-issues] 20201019 [GitHub] [lucene-site] tflobbe opened a new pull request #31: Add CVE-2020-13957 page","refsource":"MLIST","url":"https://lists.apache.org/thread.html/r4ca8ba5980d9049cf3707798aa3116ee76c1582f171ff452ad2ca75e@%3Cissues.lucene.apache.org%3E"},{"name":"https://security.netapp.com/advisory/ntap-20201023-0002/","refsource":"CONFIRM","url":"https://security.netapp.com/advisory/ntap-20201023-0002/"},{"name":"[lucene-issues] 20201029 [jira] [Commented] (SOLR-14925) CVE-2020-13957: The checks added to unauthenticated configset uploads can be circumvented","refsource":"MLIST","url":"https://lists.apache.org/thread.html/r8b1782d42d0a4ce573495d5d9345ad328d652c68c411ccdb245c57e3@%3Cissues.lucene.apache.org%3E"},{"name":"[lucene-commits] 20201030 [lucene-site] branch master updated: Add CVE-2020-13957 page (#31)","refsource":"MLIST","url":"https://lists.apache.org/thread.html/r1c783d3d81ba62f3381a17a4d6c826f7dead3a132ba42349c90df075@%3Ccommits.lucene.apache.org%3E"},{"name":"[lucene-issues] 20201030 [GitHub] [lucene-site] tflobbe merged pull request #31: Add CVE-2020-13957 page","refsource":"MLIST","url":"https://lists.apache.org/thread.html/r7512ae552cd9d14ab8b1bc0a7e95f2ec52ae85364f068d4034398ede@%3Cissues.lucene.apache.org%3E"},{"name":"[lucene-commits] 20201030 [lucene-site] 02/02: Add CVE-2020-13957 page (#31)","refsource":"MLIST","url":"https://lists.apache.org/thread.html/r9d7356f209ee30d702b6a921c866564eb2e291b126640c7ab70feea7@%3Ccommits.lucene.apache.org%3E"},{"name":"[lucene-issues] 20201030 [GitHub] [lucene-site] tflobbe opened a new pull request #32: Publish: Add CVE-2020-13957 page (#31)","refsource":"MLIST","url":"https://lists.apache.org/thread.html/r5557641fcf5cfd99260a7037cfbc8788fb546b72c98a900570edaa2e@%3Cissues.lucene.apache.org%3E"},{"name":"[lucene-issues] 20201030 [GitHub] [lucene-site] tflobbe commented on pull request #32: Publish: Add CVE-2020-13957 page (#31)","refsource":"MLIST","url":"https://lists.apache.org/thread.html/r3d1e24a73e6bffa1d6534e1f34c8f5cbd9999495e7d933640f4fa0ed@%3Cissues.lucene.apache.org%3E"},{"name":"[lucene-issues] 20201030 [GitHub] [lucene-site] tflobbe closed pull request #32: Publish: Add CVE-2020-13957 page (#31)","refsource":"MLIST","url":"https://lists.apache.org/thread.html/r13a728994c60be5b5a7049282b5c926dac1fc6a9a0b2362f6adfa573@%3Cissues.lucene.apache.org%3E"},{"name":"[lucene-issues] 20201102 [jira] [Commented] (SOLR-14925) CVE-2020-13957: The checks added to unauthenticated configset uploads can be circumvented","refsource":"MLIST","url":"https://lists.apache.org/thread.html/r2f8d33a4de07db9459fb2a98a1cd39747066137636b53f84a13e5628@%3Cissues.lucene.apache.org%3E"},{"name":"[lucene-issues] 20201102 [jira] [Updated] (SOLR-14925) CVE-2020-13957: The checks added to unauthenticated configset uploads can be circumvented","refsource":"MLIST","url":"https://lists.apache.org/thread.html/r853fdc6d0b91d5e01a26c7bd5becb044ad775a231703d634ca5d55c9@%3Cissues.lucene.apache.org%3E"},{"name":"[bigtop-dev] 20210221 [jira] [Created] (BIGTOP-3507) Solr: CVE-2020-13957 mitigation backport","refsource":"MLIST","url":"https://lists.apache.org/thread.html/r2236fdf99ac3efbfc36c2df96d3a88f822baa6f45e13fec7ff558e34@%3Cdev.bigtop.apache.org%3E"},{"name":"[bigtop-issues] 20210221 [jira] [Created] (BIGTOP-3507) Solr: CVE-2020-13957 mitigation backport","refsource":"MLIST","url":"https://lists.apache.org/thread.html/r999f828e6e37d9e825e207471cbfd2681c3befcd7f3abd59ed87c0d5@%3Cissues.bigtop.apache.org%3E"},{"name":"[bigtop-issues] 20210222 [jira] [Assigned] (BIGTOP-3507) Solr: CVE-2020-13957 mitigation backport","refsource":"MLIST","url":"https://lists.apache.org/thread.html/rb1de6ba50a468e9baff32a249edaa08f6bcec7dd7cc208e25e6b48c8@%3Cissues.bigtop.apache.org%3E"},{"name":"[bigtop-dev] 20210225 [GitHub] [bigtop] JunHe77 opened a new pull request #743: BIGTOP-3507: CVE-2020-13957 mitigation backport","refsource":"MLIST","url":"https://lists.apache.org/thread.html/rf1a32f00017e83ff29a74be2de02e28e4302dddb5f14c624e297a8c0@%3Cdev.bigtop.apache.org%3E"},{"name":"[bigtop-dev] 20210301 [GitHub] [bigtop] iwasakims merged pull request #743: BIGTOP-3507: CVE-2020-13957 mitigation backport","refsource":"MLIST","url":"https://lists.apache.org/thread.html/r2a6600fe9afd502c04d26fd112823ec3f3c3ad1b4a289d10567a78a0@%3Cdev.bigtop.apache.org%3E"},{"name":"[bigtop-issues] 20210301 [jira] [Resolved] (BIGTOP-3507) Solr: CVE-2020-13957 mitigation backport","refsource":"MLIST","url":"https://lists.apache.org/thread.html/r3da9895cea476bcee2557531bebd4e8f6f367dc3ea900a65e2f51cd8@%3Cissues.bigtop.apache.org%3E"},{"name":"[bigtop-commits] 20210301 [bigtop] branch master updated: BIGTOP-3507: CVE-2020-13957 mitigation backport (#743)","refsource":"MLIST","url":"https://lists.apache.org/thread.html/rb2f1c7fd3d3ea719dfac4706a80e6affddecae8663dda04e1335347f@%3Ccommits.bigtop.apache.org%3E"},{"name":"[bigtop-dev] 20210301 [GitHub] [bigtop] JunHe77 commented on pull request #743: BIGTOP-3507: CVE-2020-13957 mitigation backport","refsource":"MLIST","url":"https://lists.apache.org/thread.html/r622a043c2890327f8a4aea16b131e8a7137a282a004614369fceb224@%3Cdev.bigtop.apache.org%3E"},{"name":"[druid-commits] 20210324 [GitHub] [druid] jihoonson opened a new pull request #11030: Suppress cves","refsource":"MLIST","url":"https://lists.apache.org/thread.html/r1d4a247329a8478073163567bbc8c8cb6b49c6bfc2bf58153a857af1@%3Ccommits.druid.apache.org%3E"}]}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-04T12:32:14.343Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_MISC","x_transferred"],"url":"https://mail-archives.us.apache.org/mod_mbox/www-announce/202010.mbox/%3CCAECwjAWCVLoVaZy%3DTNRQ6Wk9KWVxdPRiGS8NT%2BPHMJCxbbsEVg%40mail.gmail.com%3E"},{"name":"[lucene-issues] 20201013 [jira] [Updated] (SOLR-14925) CVE-2020-13957: The checks added to unauthenticated configset uploads can be circumvented","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"https://lists.apache.org/thread.html/r226c1112bb41e7cd427862d875eff9877a20a40242c2542f4dd39e4a%40%3Cissues.lucene.apache.org%3E"},{"name":"[lucene-issues] 20201019 [GitHub] [lucene-site] tflobbe opened a new pull request #31: Add CVE-2020-13957 page","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"https://lists.apache.org/thread.html/r4ca8ba5980d9049cf3707798aa3116ee76c1582f171ff452ad2ca75e%40%3Cissues.lucene.apache.org%3E"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://security.netapp.com/advisory/ntap-20201023-0002/"},{"name":"[lucene-issues] 20201029 [jira] [Commented] (SOLR-14925) CVE-2020-13957: The checks added to unauthenticated configset uploads can be circumvented","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"https://lists.apache.org/thread.html/r8b1782d42d0a4ce573495d5d9345ad328d652c68c411ccdb245c57e3%40%3Cissues.lucene.apache.org%3E"},{"name":"[lucene-commits] 20201030 [lucene-site] branch master updated: Add CVE-2020-13957 page (#31)","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"https://lists.apache.org/thread.html/r1c783d3d81ba62f3381a17a4d6c826f7dead3a132ba42349c90df075%40%3Ccommits.lucene.apache.org%3E"},{"name":"[lucene-issues] 20201030 [GitHub] [lucene-site] tflobbe merged pull request #31: Add CVE-2020-13957 page","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"https://lists.apache.org/thread.html/r7512ae552cd9d14ab8b1bc0a7e95f2ec52ae85364f068d4034398ede%40%3Cissues.lucene.apache.org%3E"},{"name":"[lucene-commits] 20201030 [lucene-site] 02/02: Add CVE-2020-13957 page (#31)","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"https://lists.apache.org/thread.html/r9d7356f209ee30d702b6a921c866564eb2e291b126640c7ab70feea7%40%3Ccommits.lucene.apache.org%3E"},{"name":"[lucene-issues] 20201030 [GitHub] [lucene-site] tflobbe opened a new pull request #32: Publish: Add CVE-2020-13957 page (#31)","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"https://lists.apache.org/thread.html/r5557641fcf5cfd99260a7037cfbc8788fb546b72c98a900570edaa2e%40%3Cissues.lucene.apache.org%3E"},{"name":"[lucene-issues] 20201030 [GitHub] [lucene-site] tflobbe commented on pull request #32: Publish: Add CVE-2020-13957 page (#31)","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"https://lists.apache.org/thread.html/r3d1e24a73e6bffa1d6534e1f34c8f5cbd9999495e7d933640f4fa0ed%40%3Cissues.lucene.apache.org%3E"},{"name":"[lucene-issues] 20201030 [GitHub] [lucene-site] tflobbe closed pull request #32: Publish: Add CVE-2020-13957 page (#31)","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"https://lists.apache.org/thread.html/r13a728994c60be5b5a7049282b5c926dac1fc6a9a0b2362f6adfa573%40%3Cissues.lucene.apache.org%3E"},{"name":"[lucene-issues] 20201102 [jira] [Commented] (SOLR-14925) CVE-2020-13957: The checks added to unauthenticated configset uploads can be circumvented","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"https://lists.apache.org/thread.html/r2f8d33a4de07db9459fb2a98a1cd39747066137636b53f84a13e5628%40%3Cissues.lucene.apache.org%3E"},{"name":"[lucene-issues] 20201102 [jira] [Updated] (SOLR-14925) CVE-2020-13957: The checks added to unauthenticated configset uploads can be circumvented","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"https://lists.apache.org/thread.html/r853fdc6d0b91d5e01a26c7bd5becb044ad775a231703d634ca5d55c9%40%3Cissues.lucene.apache.org%3E"},{"name":"[bigtop-dev] 20210221 [jira] [Created] (BIGTOP-3507) Solr: CVE-2020-13957 mitigation backport","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"https://lists.apache.org/thread.html/r2236fdf99ac3efbfc36c2df96d3a88f822baa6f45e13fec7ff558e34%40%3Cdev.bigtop.apache.org%3E"},{"name":"[bigtop-issues] 20210221 [jira] [Created] (BIGTOP-3507) Solr: CVE-2020-13957 mitigation backport","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"https://lists.apache.org/thread.html/r999f828e6e37d9e825e207471cbfd2681c3befcd7f3abd59ed87c0d5%40%3Cissues.bigtop.apache.org%3E"},{"name":"[bigtop-issues] 20210222 [jira] [Assigned] (BIGTOP-3507) Solr: CVE-2020-13957 mitigation backport","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"https://lists.apache.org/thread.html/rb1de6ba50a468e9baff32a249edaa08f6bcec7dd7cc208e25e6b48c8%40%3Cissues.bigtop.apache.org%3E"},{"name":"[bigtop-dev] 20210225 [GitHub] [bigtop] JunHe77 opened a new pull request #743: BIGTOP-3507: CVE-2020-13957 mitigation backport","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"https://lists.apache.org/thread.html/rf1a32f00017e83ff29a74be2de02e28e4302dddb5f14c624e297a8c0%40%3Cdev.bigtop.apache.org%3E"},{"name":"[bigtop-dev] 20210301 [GitHub] [bigtop] iwasakims merged pull request #743: BIGTOP-3507: CVE-2020-13957 mitigation backport","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"https://lists.apache.org/thread.html/r2a6600fe9afd502c04d26fd112823ec3f3c3ad1b4a289d10567a78a0%40%3Cdev.bigtop.apache.org%3E"},{"name":"[bigtop-issues] 20210301 [jira] [Resolved] (BIGTOP-3507) Solr: CVE-2020-13957 mitigation backport","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"https://lists.apache.org/thread.html/r3da9895cea476bcee2557531bebd4e8f6f367dc3ea900a65e2f51cd8%40%3Cissues.bigtop.apache.org%3E"},{"name":"[bigtop-commits] 20210301 [bigtop] branch master updated: BIGTOP-3507: CVE-2020-13957 mitigation backport (#743)","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"https://lists.apache.org/thread.html/rb2f1c7fd3d3ea719dfac4706a80e6affddecae8663dda04e1335347f%40%3Ccommits.bigtop.apache.org%3E"},{"name":"[bigtop-dev] 20210301 [GitHub] [bigtop] JunHe77 commented on pull request #743: BIGTOP-3507: CVE-2020-13957 mitigation backport","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"https://lists.apache.org/thread.html/r622a043c2890327f8a4aea16b131e8a7137a282a004614369fceb224%40%3Cdev.bigtop.apache.org%3E"},{"name":"[druid-commits] 20210324 [GitHub] [druid] jihoonson opened a new pull request #11030: Suppress cves","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"https://lists.apache.org/thread.html/r1d4a247329a8478073163567bbc8c8cb6b49c6bfc2bf58153a857af1%40%3Ccommits.druid.apache.org%3E"}]}]},"cveMetadata":{"assignerOrgId":"f0158376-9dc2-43b6-827c-5f631a4d8d09","assignerShortName":"apache","cveId":"CVE-2020-13957","datePublished":"2020-10-13T18:28:52.000Z","dateReserved":"2020-06-08T00:00:00.000Z","dateUpdated":"2024-08-04T12:32:14.343Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}