pkg:Maven/org.apache.solr:solr-core

All known vulnerabilities

• HIGH7.5CVE-2019-17558⚠ KEVImproper Input Validation in Apache Solr
  >= 5.0.0, < 8.4.0
• HIGH7.2CVE-2019-0193⚠ KEVlucene-solr - security update
  from 0, < 8.2.0
• CRITICAL9.8Incorrect Authorization in Apache Solr
  >= 6.6.0, < 8.6.3
• CRITICAL9.8Unrestricted upload of file with dangerous type in Apache Solr
  >= 8.1.1, < 8.3.0
• CRITICAL9.8Critical severity vulnerability that affects org.apache.solr:solr-core
  >= 5.0.0, < 7.0.0
• CRITICAL9.8lucene-solr - security update
  >= 7.0.0, < 7.1.0
• HIGH8.8Apache Solr: Backup/Restore APIs allow for deployment of executables in malicious ConfigSets
  >= 6.0.0, < 8.11.3
• HIGH8.2Apache Solr: Unauthorized bypass of certain "predefined permission" rules in the RuleBasedAuthorizationPlugin
  >= 5.3.0, < 9.10.1
• HIGH7.5Apache Solr can leak certain passwords due to System Property redaction logic inconsistencies
  >= 6.0.0, < 8.11.3
• HIGH7.5Apache Solr Schema Designer blindly "trusts" all configsets
  >= 9.0.0, < 9.3.0
• HIGH7.5Apache Solr vulnerable to XML Bomb
  from 0, < 5.0.0
• HIGH7.5Apache Solr insecure inter-node communication
  >= 5.3.0, < 5.5.5
• HIGH7.5Apache Solr Kerberos delegation token functionality flaws
  >= 6.2.0, < 6.6.1
• HIGH7.5Improper permission handling in Apache Solr
  from 0, < 8.8.2
• HIGH7.5Server-Side Request Forgery (SSRF) in org.apache.solr:solr-core
  >= 1.3.0, < 7.7.0
• HIGH7.5lucene-solr - security update
  from 0, < 5.5.4
• HIGH7.5lucene-solr - security update
  >= 1.2, < 6.6.3
• HIGH7.1Apache Solr: Insufficient file-access checking in standalone core-creation requests
  >= 8.6.0, < 9.10.1
• MEDIUM6.5Apache Solr allows read access to host environmet variables
  >= 9.0.0, < 9.3.0
• MEDIUM6.1Improper Neutralization of Input During Web Page Generation in Apache Solr
  from 0, < 5.1.0
• MEDIUM6.1Improper Neutralization of Input During Web Page Generation in Apache Solr
  from 0, < 5.3.1
• MEDIUM5.5Apache Solr vulnerable to Execution with Unnecessary Privileges
  from 0, < 9.8.0
• MEDIUM5.5There is a XML external entity expansion (XXE) vulnerability in Apache Solr config files
  >= 6.6.0, < 6.6.4
• MEDIUM5.5XML external entity expansion in org.apache.solr:solr-core
  >= 7.0.0, < 7.4.0
• MEDIUM5.4Apache Solr Relative Path Traversal vulnerability
  >= 6.6, < 9.8.0
• MEDIUM4.3Incorrect Authorization in Apache Solr
  >= 7.0.0, < 7.7.0
• —lucene-solr - security update
  from 0, < 4.1.0
• —XML Injection in Apache Solr
  from 0, < 4.3.1
• —Apache Solr UpdateRequestHandler for XML resolves XML External Entities
  from 0, < 4.1.0
• —Improper Limitation of a Pathname to a Restricted Directory in Apache Solr
  from 0, < 4.6.0