1. Home
  2. Packages
  3. maven
  4. org.apache.solr
  5. solr-core

pkg:maven/org.apache.solr/solr-core

Type maven
Namespace org.apache.solr
Name solr-core

Known advisories, vulnerabilities and fixes for org.apache.solr/solr-core package.

Repository
https://mvnrepository.com/artifact/org.apache.solr/solr-core
Critical 3
High 9
Moderate 12
Low 1
Type Version Distribution # CVEs # Advisory ID Title Severity Published
Affected >= 8.1.1, <= 8.2.0 CVE-2019-12409
maven MAVEN:GHSA-2289-PQFQ-6WX7 Unrestricted upload of file with dangerous type in Apache Solr critical 2020-01-28T22:26:54
(4 years ago)
Fixed = 8.3.0 CVE-2019-12409
maven MAVEN:GHSA-2289-PQFQ-6WX7 Unrestricted upload of file with dangerous type in Apache Solr critical 2020-01-28T22:26:54
(4 years ago)
Affected >= 9.0.0, < 9.4.1 >= 6.0.0, < 8.11.3 CVE-2023-50386
maven MAVEN:GHSA-37VR-VMG4-JWPW Apache Solr: Backup/Restore APIs allow for deployment of executables in malicious ConfigSets moderate 2024-02-09T18:31:07
(7 months ago)
Fixed = 9.4.1 = 8.11.3 CVE-2023-50386
maven MAVEN:GHSA-37VR-VMG4-JWPW Apache Solr: Backup/Restore APIs allow for deployment of executables in malicious ConfigSets moderate 2024-02-09T18:31:07
(7 months ago)
Affected >= 6.0.0, < 6.4.1 < 5.5.4 CVE-2017-3163
maven MAVEN:GHSA-387V-84CV-9QMC Improper Limitation of a Pathname ('Path Traversal') in org.apache.solr:solr-core high 2018-10-18T16:40:43
(6 years ago)
Fixed = 6.4.1 = 5.5.4 CVE-2017-3163
maven MAVEN:GHSA-387V-84CV-9QMC Improper Limitation of a Pathname ('Path Traversal') in org.apache.solr:solr-core high 2018-10-18T16:40:43
(6 years ago)
Affected < 8.2.0 CVE-2019-0193
maven MAVEN:GHSA-3GM7-V7VW-866C XML External Entity (XXE) Injection in Apache Solr high 2019-08-01T19:17:35
(5 years ago)
Fixed = 8.2.0 CVE-2019-0193
maven MAVEN:GHSA-3GM7-V7VW-866C XML External Entity (XXE) Injection in Apache Solr high 2019-08-01T19:17:35
(5 years ago)
Affected >= 9.0.0, < 9.3.0 >= 6.0.0, < 8.11.3 CVE-2023-50291
maven MAVEN:GHSA-3HWC-RQWP-V36Q Apache Solr can leak certain passwords due to System Property redaction logic inconsistencies moderate 2024-02-09T18:31:07
(7 months ago)
Fixed = 9.3.0 = 8.11.3 CVE-2023-50291
maven MAVEN:GHSA-3HWC-RQWP-V36Q Apache Solr can leak certain passwords due to System Property redaction logic inconsistencies moderate 2024-02-09T18:31:07
(7 months ago)
Affected >= 7.0.0, < 7.2.1 >= 1.2, < 6.6.3 CVE-2018-1308
maven MAVEN:GHSA-3PPH-2595-CGFH There is a XML external entity expansion (XXE) vulnerability in Apache Solr high 2018-10-17T19:55:46
(6 years ago)
Fixed = 7.2.1 = 6.6.3 CVE-2018-1308
maven MAVEN:GHSA-3PPH-2595-CGFH There is a XML external entity expansion (XXE) vulnerability in Apache Solr high 2018-10-17T19:55:46
(6 years ago)
Affected < 4.3.1 CVE-2013-6408
maven MAVEN:GHSA-45W3-2HVV-PFXQ XML Injection in Apache Solr moderate 2022-05-17T04:39:49
(2 years ago)
Fixed = 4.3.1 CVE-2013-6408
maven MAVEN:GHSA-45W3-2HVV-PFXQ XML Injection in Apache Solr moderate 2022-05-17T04:39:49
(2 years ago)
Affected >= 8.10.0, < 8.11.3 >= 9.0.0, < 9.3.0 CVE-2023-50292
maven MAVEN:GHSA-4WXW-42WX-2WFX Apache Solr Schema Designer blindly "trusts" all configsets low 2024-02-09T18:31:07
(7 months ago)
Fixed = 8.11.3 = 9.3.0 CVE-2023-50292
maven MAVEN:GHSA-4WXW-42WX-2WFX Apache Solr Schema Designer blindly "trusts" all configsets low 2024-02-09T18:31:07
(7 months ago)
Affected < 4.1.0 CVE-2012-6612
maven MAVEN:GHSA-6CPJ-3G83-Q2J4 Improper Restriction of XML External Entity Reference in Apache Solr high 2022-05-17T04:50:16
(2 years ago)
Fixed = 4.1.0 CVE-2012-6612
maven MAVEN:GHSA-6CPJ-3G83-Q2J4 Improper Restriction of XML External Entity Reference in Apache Solr high 2022-05-17T04:50:16
(2 years ago)
Affected >= 7.0.0, < 7.4.0 >= 6.0.0, < 6.6.5 CVE-2018-8026
maven MAVEN:GHSA-7PX3-6F6G-HXCJ XML external entity expansion in org.apache.solr:solr-core moderate 2018-10-17T19:55:34
(6 years ago)
Fixed = 7.4.0 = 6.6.5 CVE-2018-8026
maven MAVEN:GHSA-7PX3-6F6G-HXCJ XML external entity expansion in org.apache.solr:solr-core moderate 2018-10-17T19:55:34
(6 years ago)
Affected < 4.1.0 CVE-2013-6407
maven MAVEN:GHSA-998J-J6V9-5846 Apache Solr UpdateRequestHandler for XML resolves XML External Entities moderate 2022-05-17T04:39:49
(2 years ago)
Fixed = 4.1.0 CVE-2013-6407
maven MAVEN:GHSA-998J-J6V9-5846 Apache Solr UpdateRequestHandler for XML resolves XML External Entities moderate 2022-05-17T04:39:49
(2 years ago)
Affected >= 6.0.0, < 6.6.0 >= 5.3.0, < 5.5.5 CVE-2017-7660
maven MAVEN:GHSA-C82R-QG3W-Q5MV Apache Solr insecure inter-node communication high 2022-05-14T01:56:08
(2 years ago)
Fixed = 6.6.0 = 5.5.5 CVE-2017-7660
maven MAVEN:GHSA-C82R-QG3W-Q5MV Apache Solr insecure inter-node communication high 2022-05-14T01:56:08
(2 years ago)
Affected >= 6.2.0, < 6.6.1 CVE-2017-9803
maven MAVEN:GHSA-F553-J2GV-G5R9 Apache Solr Kerberos delegation token functionality flaws high 2022-05-14T01:23:18
(2 years ago)
Fixed = 6.6.1 CVE-2017-9803
maven MAVEN:GHSA-F553-J2GV-G5R9 Apache Solr Kerberos delegation token functionality flaws high 2022-05-14T01:23:18
(2 years ago)
Affected >= 9.0.0, < 9.3.0 CVE-2023-50290
maven MAVEN:GHSA-GG7W-PW2R-X2CQ Apache Solr allows read access to host environmet variables moderate 2024-01-15T12:30:19
(8 months ago)
Fixed = 9.3.0 CVE-2023-50290
maven MAVEN:GHSA-GG7W-PW2R-X2CQ Apache Solr allows read access to host environmet variables moderate 2024-01-15T12:30:19
(8 months ago)
Affected < 7.7.0 CVE-2018-11802
maven MAVEN:GHSA-J346-H5WC-RW2M Incorrect Authorization in Apache Solr moderate 2022-02-09T23:19:26
(2 years ago)
Fixed = 7.7.0 CVE-2018-11802
maven MAVEN:GHSA-J346-H5WC-RW2M Incorrect Authorization in Apache Solr moderate 2022-02-09T23:19:26
(2 years ago)
Affected < 4.6.0 CVE-2013-6397
maven MAVEN:GHSA-J8QW-MWMV-28CG Improper Limitation of a Pathname to a Restricted Directory in Apache Solr moderate 2022-05-17T04:04:29
(2 years ago)
Fixed = 4.6.0 CVE-2013-6397
maven MAVEN:GHSA-J8QW-MWMV-28CG Improper Limitation of a Pathname to a Restricted Directory in Apache Solr moderate 2022-05-17T04:04:29
(2 years ago)
Affected < 8.8.2 CVE-2021-29262
maven MAVEN:GHSA-JGCR-FG3G-QVW8 Improper permission handling in Apache Solr high 2021-05-10T15:18:17
(3 years ago)
Fixed = 8.8.2 CVE-2021-29262
maven MAVEN:GHSA-JGCR-FG3G-QVW8 Improper permission handling in Apache Solr high 2021-05-10T15:18:17
(3 years ago)
Affected < 5.0.0 CVE-2019-12401
maven MAVEN:GHSA-JQ2W-W7V2-69Q5 Apache Solr vulnerable to XML Bomb high 2022-05-24T22:00:29
(2 years ago)
Fixed = 5.0.0 CVE-2019-12401
maven MAVEN:GHSA-JQ2W-W7V2-69Q5 Apache Solr vulnerable to XML Bomb high 2022-05-24T22:00:29
(2 years ago)
Affected >= 5.5.0, < 5.5.5 >= 6.0.0, < 6.6.2 >= 7.0.0, < 7.1.0 CVE-2017-12629
maven MAVEN:GHSA-MH7G-99W9-XPJM Remote code execution occurs in Apache Solr critical 2018-10-17T19:56:17
(6 years ago)
Fixed = 5.5.5 = 6.6.2 = 7.1.0 CVE-2017-12629
maven MAVEN:GHSA-MH7G-99W9-XPJM Remote code execution occurs in Apache Solr critical 2018-10-17T19:56:17
(6 years ago)
Affected < 5.1.0 CVE-2015-8795
maven MAVEN:GHSA-MX2H-HF7J-2X3P Improper Neutralization of Input During Web Page Generation in Apache Solr moderate 2022-05-17T03:59:03
(2 years ago)
Fixed = 5.1.0 CVE-2015-8795
maven MAVEN:GHSA-MX2H-HF7J-2X3P Improper Neutralization of Input During Web Page Generation in Apache Solr moderate 2022-05-17T03:59:03
(2 years ago)
Affected >= 7.0.0, < 7.3.1 >= 6.6.0, < 6.6.4 CVE-2018-8010
maven MAVEN:GHSA-RC9V-H28F-JCMF There is a XML external entity expansion (XXE) vulnerability in Apache Solr config files moderate 2018-10-17T19:56:04
(6 years ago)
Fixed = 7.3.1 = 6.6.4 CVE-2018-8010
maven MAVEN:GHSA-RC9V-H28F-JCMF There is a XML external entity expansion (XXE) vulnerability in Apache Solr config files moderate 2018-10-17T19:56:04
(6 years ago)
Affected <= 5.3.0 CVE-2015-8797
maven MAVEN:GHSA-V6GF-X8FP-532V Improper Neutralization of Input During Web Page Generation in Apache Solr moderate 2022-05-17T03:58:49
(2 years ago)
Fixed = 5.3.1 CVE-2015-8797
maven MAVEN:GHSA-V6GF-X8FP-532V Improper Neutralization of Input During Web Page Generation in Apache Solr moderate 2022-05-17T03:58:49
(2 years ago)
Affected >= 1.30, <= 7.6.0 CVE-2017-3164
maven MAVEN:GHSA-VRH8-27Q8-FR8F Server-Side Request Forgery (SSRF) in org.apache.solr:solr-core high 2019-03-14T15:39:56
(5 years ago)
Fixed = 7.7.0 CVE-2017-3164
maven MAVEN:GHSA-VRH8-27Q8-FR8F Server-Side Request Forgery (SSRF) in org.apache.solr:solr-core high 2019-03-14T15:39:56
(5 years ago)
Affected >= 8.0.0, <= 8.3.1 >= 7.0.0, <= 7.7.2 >= 6.0.0, <= 6.6.6 >= 5.0.0, <= 5.5.5 CVE-2019-17558
maven MAVEN:GHSA-WW97-9W65-2CRX Improper Input Validation in Apache Solr moderate 2020-02-12T18:45:28
(4 years ago)
Fixed = 8.4.0 CVE-2019-17558
maven MAVEN:GHSA-WW97-9W65-2CRX Improper Input Validation in Apache Solr moderate 2020-02-12T18:45:28
(4 years ago)
Affected >= 6.0.0, <= 6.6.5 >= 5.0.0, <= 5.5.5 CVE-2019-0192
maven MAVEN:GHSA-XHCQ-FV7X-GRR2 Critical severity vulnerability that affects org.apache.solr:solr-core critical 2019-03-14T15:39:45
(5 years ago)
Fixed = 7.0.0 CVE-2019-0192
maven MAVEN:GHSA-XHCQ-FV7X-GRR2 Critical severity vulnerability that affects org.apache.solr:solr-core critical 2019-03-14T15:39:45
(5 years ago)