{"id":"CVE-2017-1000190","details":"SimpleXML (latest version 2.7.1) is vulnerable to an XXE vulnerability resulting SSRF, information disclosure, DoS and so on.","aliases":["GHSA-f5qf-vh69-9q4r"],"modified":"2026-04-10T03:54:37.456719Z","published":"2017-11-17T21:29:00.277Z","references":[{"type":"ADVISORY","url":"https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E"},{"type":"ADVISORY","url":"https://lists.apache.org/thread.html/8c4ef27e2c0218f29e785990dc919266855aea137c958f10d242cb36%40%3Cdev.lucene.apache.org%3E"},{"type":"ADVISORY","url":"https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5%40%3Csolr-user.lucene.apache.org%3E"},{"type":"REPORT","url":"https://github.com/ngallagher/simplexml/issues/18"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/apache/lucene-solr","events":[{"introduced":"0"},{"last_affected":"832bf13dd9187095831caf69783179d41059d013"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"8.4.1"}]}}],"versions":["grafts/lucene-oldest","grafts/lucene-solr-copy","grafts/lucene-solr-oldest-merged","history/branches/lucene-solr/lucene-6997","releases/lucene-solr/8.4.0","releases/lucene-solr/8.4.1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-1000190.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"2.7.1"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"}]}