CVEs-PoC/2019/CVE-2019-12401.md at 2ef066380cb36dba2e454190ca2349fcff6ca2df

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-05-23 19:04:02 +02:00

Files

T

0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09

2025-09-29 21:09:30 +02:00

Description

Solr versions 1.3.0 to 1.4.1, 3.1.0 to 3.6.2 and 4.0.0 to 4.10.4 are vulnerable to an XML resource consumption attack (a.k.a. Lol Bomb) via it’s update handler.?By leveraging XML DOCTYPE and ENTITY type elements, the attacker can create a pattern that will expand when the server parses the XML causing OOMs.

POC

Reference

https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2019-12401-XML%20Bomb-Apache%20Solr

Github

https://github.com/20142995/nuclei-templates
https://github.com/cyb3r-w0lf/nuclei-template-collection
https://github.com/mbadanoiu/CVE-2019-12401
https://github.com/plzheheplztrying/cve_monitor

1.2 KiB Raw Blame History Unescape Escape

CVE-2019-12401

Description

POC

Reference

Github

1.2 KiB

Raw Blame History