[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-MGASA-2017-0403":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T14:55:33.319Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":16,"duplicates":17,"related":18,"reserved_at":9,"published_at":20,"modified_at":21,"state":9,"summary":22,"references_raw":24,"kevs":41,"epss":9,"epss_history":42,"metrics":43,"affected":44},"MGASA-2017-0403","Updated lucene packages fix security vulnerability\n\nIt was found that the CoreParser class in Lucene accepts doctype\ndeclaration and expands external entities. An attacker could use this\nflaw to bypass security restrictions and access sensitive data\n(CVE-2017-12629).\n",null,[],[],[],[14],{"_key":15},"CVE-2017-12629",[],[],[19],{"_key":15},"2017-11-06T08:22:52Z","2026-04-16T06:24:26.997019977Z",{"cisa_kev":23,"cisa_ransomware":23,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[25,31,36],{"url":26,"sources":27,"tags":29},"https://advisories.mageia.org/MGASA-2017-0403.html",[28],"osv_mageia",[30],"Advisory",{"url":32,"sources":33,"tags":34},"https://bugs.mageia.org/show_bug.cgi?id=21976",[28],[35],"REPORT",{"url":37,"sources":38,"tags":39},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/GTE5P6CWLVBPWNLR3RMLZGEFUYCZZR5V/",[28],[35,40],"WEB",[],[],[],[45],{"ecosystem":46,"name":47,"vendor":48,"product":47,"cpe_part":9,"purl_type":49,"purl_namespace":48,"purl_name":47,"source":9,"versions":50},"Mageia","lucene","mageia","rpm",[51],{"version":52,"is_range":53,"range_type":54,"version_start":9,"version_start_type":9,"version_end":55,"version_end_type":56,"fixed_in":9},"lt5_5_0_4_1_mga6",true,"ecosystem","5.5.0-4.1.mga6","excluding"]