Uploaded image for project: 'WildFly'
  1. WildFly
  2. WFLY-16062

lucene-core security issue

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Major Major
    • 27.0.0.Final
    • 24.0.1.Final
    • None
    • None

      Security scan is picking up the below vulnerability:

      PRISMA-2021-0081 - org.apache.lucene_lucene-core - Apache Lucene is vulnerable to ReDos, the regex engine in Lucene can take long time and high CPU usage before determining the total count for the states of a regex.

       

      8.7.0.redhat-00002 - fixed in 8.10.0

      packagePath: /opt/jboss/keycloak/modules/system/layers/base/org/apache/lucene/main/lucene-core-8.7.0.redhat-00002.jar

              rhn-cservice-bbaranow Bartosz Baranowski
              mariosch92 Marios Charalambous (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: