Moderate severity · NVD Advisory · Published Aug 21, 2024 · Updated Aug 21, 2024

CKAN may leak Solr credentials via error message in package_search action

CVE-2024-41674

Description

CKAN is an open-source data management system for powering data hubs and data portals. If there were connection issues with the Solr server, the internal Solr URL (potentially including credentials) could be leaked to package_search calls as part of the returned error message. This has been patched in CKAN 2.10.5 and 2.11.0.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package | Affected versions | Patched versions
ckan (PyPI) | >= 2.0.0, < 2.10.5 | 2.10.5

Affected products

1

Patches

2
66abe4266346

Update version for 2.10.5

https://github.com/ckan/ckan · amercader · Aug 21, 2024 · via osv
1 file changed · +1 1
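--- a/ckan/__init__.py
+++ b/ckan/__init__.py
@@ -1,6 +1,6 @@
 # encoding: utf-8
 
-__version__ = "2.10.5b"
+__version__ = "2.10.5"
 
 # The packaging system relies on this import, please do not remove it
 # type_ignore_reason: pyright thinks it's iterable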
    
f6b032cd7082

Merge commit from fork

https://github.com/ckan/ckan · Adrià Mercader · Aug 19, 2024 · via ghsa
6 files changed · +37 4
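--- a/ckan/lib/search/common.py
+++ b/ckan/lib/search/common.py
@@ -29,6 +29,10 @@ class SearchQueryError(SearchError):
     pass
 
 
+class SolrConnectionError(Exception):
+    pass
+
+
 DEFAULT_SOLR_URL = 'http://127.0.0.1:8983/solr/ckan'
 
 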
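Review bot: `SolrConnectionError` derives from `Exception`, not from `SearchError`, so any `except SearchError` handler this commit does not touch no longer sees a Solr connection failure at all and it propagates as an unhandled exception; if that is deliberate (keeping the connection case out of the SearchError path, whose messages embed the exception text) a comment should say so, otherwise consider `class SolrConnectionError(SearchError):`. The class also lacks a docstring stating the contract the fix depends on, e.g. `"""Raised when Solr cannot be reached; the message must never include the Solr URL or its credentials."""`.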
    
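--- a/ckan/lib/search/__init__.py
+++ b/ckan/lib/search/__init__.py
@@ -22,6 +22,7 @@
 
 from ckan.lib.search.common import (
     make_connection, SearchIndexError, SearchQueryError,  # type: ignore
+    SolrConnectionError, # type: ignore
     SearchError, is_available, SolrSettings, config
 )
 from ckan.lib.search.index import (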
    
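--- a/ckan/lib/search/query.py
+++ b/ckan/lib/search/query.py
@@ -18,7 +18,7 @@
 
 from ckan.common import config
 from ckan.lib.search.common import (
-    make_connection, SearchError, SearchQueryError
+    make_connection, SearchError, SearchQueryError, SolrConnectionError
 )
 from ckan.types import Context
 
@@ -473,6 +473,12 @@ def _check_query_parser(param: str, value: Any):
                         "Can't determine Sort Order" in e.args[0] or \
                         'Unknown sort order' in e.args[0]:
                     raise SearchQueryError('Invalid "sort" parameter')
+
+                if ("Failed to connect to server" in e.args[0] or 
+                        "Connection to server" in e.args[0]):
+                    log.warning("Connection Error: Failed to connect to Solr server.")
+                    raise SolrConnectionError("Solr returned an error while searching.")
+
             raise SearchError('SOLR returned an error running query: %r Error: %r' %
                               (query, e))
         self.count = solr_response.hits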
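Review bot: The unchanged `raise SearchError('SOLR returned an error running query: %r Error: %r' % (query, e))` two lines below the new block still interpolates the whole pysolr exception, so any connection failure whose text contains neither `"Failed to connect to server"` nor `"Connection to server"` (presumably timeouts or TLS errors, depending on how pysolr words them) still reaches callers with the same URL-bearing message the commit suppresses. Substring matching on `e.args[0]` is also brittle across pysolr versions. A more robust shape keeps the detail in the server log and the raised message free of `e`: `log.exception('SOLR returned an error running query: %r', query)` followed by `raise SearchError('SOLR returned an error running query: %r' % query)`. Minor style: the first added `if` line ends with trailing whitespace after `or`. The enclosing method starts and ends outside the hunk.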
    
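--- a/ckan/tests/controllers/test_api.py
+++ b/ckan/tests/controllers/test_api.py
@@ -416,3 +416,12 @@ def test_header_based_auth_default_post(app):
     res = app.post(url, environ_overrides=env, data=data)
 
     assert res.status_code == 200
+
+
+@pytest.mark.ckan_config("solr_url", "https://xxxx/notofund")
+def test_package_search_connection_errors(app):
+
+    res = app.get(
+        url_for("api.action", logic_function="package_search", ver=3),
+    )
+    assert res.json["error"]["__type"] == "Search Connection Error"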
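Review bot: `test_package_search_connection_errors` checks only the error `__type`; it never asserts the property the fix exists for, namely that the configured Solr URL is absent from the response, so a regression that restores the old message while keeping the new type would still pass. Add an assertion on the response text, e.g. `assert "notofund" not in res.body` (use whatever text accessor the test client exposes), and `assert res.status_code == 500` to pin the api.py branch. A stub URL carrying a constructed userinfo part, e.g. `https://user:pw@xxxx/notofund` (placeholder values), would exercise the credential case the advisory describes directly.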
    
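--- a/ckan/views/api.py
+++ b/ckan/views/api.py
@@ -22,7 +22,9 @@
 
 from ckan.lib.navl.dictization_functions import DataError
 from ckan.logic import get_action, ValidationError, NotFound, NotAuthorized
-from ckan.lib.search import SearchError, SearchIndexError, SearchQueryError
+from ckan.lib.search import (
+    SearchError, SearchIndexError, SearchQueryError, SolrConnectionError
+)
 from ckan.types import Context, Response, ActionResult
 
 
@@ -333,6 +335,12 @@ def action(logic_function: str, ver: int = API_DEFAULT_VERSION) -> Response:
                         str(e)}
         return_dict[u'success'] = False
         return _finish(500, return_dict, content_type=u'json')
+    except SolrConnectionError:
+        return_dict[u'error'] = {
+            u'__type': u'Search Connection Error',
+            u'message': u'Unable to connect to the search server'}
+        return_dict[u'success'] = False
+        return _finish(500, return_dict, content_type=u'json')
     except Exception as e:
         return_dict[u'error'] = {
             u'__type': u'Internal Server Error',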
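Review bot: The new `except SolrConnectionError` branch is another copy of the `return_dict[u'error'] = {...}` / `return_dict[u'success'] = False` / `return _finish(500, ...)` sequence the branch above it already spells out, which is how such branches drift apart over time; a small local helper taking the status, `__type` and message would collapse them — a style point only. Its position after the search-error branches is correct because `SolrConnectionError` is not a `SearchError` subclass (see the common.py hunk in this commit), but that coupling deserves a one-line comment such as `# not a SearchError subclass: must not reach the branches above, whose messages embed the exception text`. `action` starts and ends outside the hunk.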
    
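--- a/ckan/views/dataset.py
+++ b/ckan/views/dataset.py
@@ -26,7 +26,9 @@
 from ckan.common import _, config, g, request
 from ckan.views.home import CACHE_PARAMETERS
 from ckan.lib.plugins import lookup_package_plugin
-from ckan.lib.search import SearchError, SearchQueryError, SearchIndexError
+from ckan.lib.search import (
+    SearchError, SearchQueryError, SearchIndexError, SolrConnectionError
+)
 from ckan.types import Context, Response
 
 
@@ -348,7 +350,10 @@ def search(package_type: str) -> str:
             _(u'Invalid search query: {error_message}')
             .format(error_message=str(se))
         )
-    except SearchError as se:
+    except (SearchError, SolrConnectionError) as se:
+        if isinstance(se, SolrConnectionError):
+            base.abort(500, se.args[0])
+
         # May be bad input from the user, but may also be more serious like
         # bad code causing a SOLR syntax error, or a problem connecting to
         # SOLR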
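Review bot: `base.abort(500, se.args[0])` forwards whatever text the exception was raised with straight to the user page; today that is the fixed string from query.py, but the view has no say in it, and any future raise site that puts the server URL into the message would reach the browser. A fixed, translated message keeps the view self-contained and matches api.py, and a dedicated clause removes the isinstance check inside the combined except: `except SolrConnectionError:` / `    base.abort(500, _(u'Unable to connect to the search server'))` / `except SearchError as se:`. `search` starts and ends outside the hunk.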
    


References

4
