pkg:Maven/org.apache.solr:solr-core

共 30 筆 CVECRITICAL4HIGH14MEDIUM8

✅ 檢查你的版本

所有已知漏洞

  • HIGH7.5CVE-2019-17558⚠ KEVImproper Input Validation in Apache Solr
    >= 5.0.0, < 8.4.0
  • HIGH7.2CVE-2019-0193⚠ KEVlucene-solr - security update
    from 0, < 8.2.0
  • CRITICAL9.8CVE-2020-13957Incorrect Authorization in Apache Solr
    >= 6.6.0, < 8.6.3
  • CRITICAL9.8CVE-2019-12409Unrestricted upload of file with dangerous type in Apache Solr
    >= 8.1.1, < 8.3.0
  • CRITICAL9.8CVE-2019-0192Critical severity vulnerability that affects org.apache.solr:solr-core
    >= 5.0.0, < 7.0.0
  • CRITICAL9.8CVE-2017-12629lucene-solr - security update
    >= 7.0.0, < 7.1.0
  • HIGH8.8CVE-2023-50386Apache Solr: Backup/Restore APIs allow for deployment of executables in malicious ConfigSets
    >= 6.0.0, < 8.11.3
  • HIGH8.2CVE-2026-22022Apache Solr: Unauthorized bypass of certain "predefined permission" rules in the RuleBasedAuthorizationPlugin
    >= 5.3.0, < 9.10.1
  • HIGH7.5CVE-2023-50291Apache Solr: System Property redaction logic inconsistency can lead to leaked passwords
    >= 6.0.0, < 8.11.3
  • HIGH7.5CVE-2023-50292Apache Solr: Solr Schema Designer blindly "trusts" all configsets, possibly leading to RCE by unauthenticated users
    >= 9.0.0, < 9.3.0
  • HIGH7.5CVE-2019-12401Apache Solr vulnerable to XML Bomb
    from 0, < 5.0.0
  • HIGH7.5CVE-2017-7660Apache Solr insecure inter-node communication
    >= 5.3.0, < 5.5.5
  • HIGH7.5CVE-2017-9803Apache Solr Kerberos delegation token functionality flaws
    >= 6.2.0, < 6.6.1
  • HIGH7.5CVE-2021-29262Misapplied Zookeeper ACLs can result in leakage of configured authentication and authorization settings
    from 0, < 8.8.2
  • HIGH7.5CVE-2017-3164Server-Side Request Forgery (SSRF) in org.apache.solr:solr-core
    >= 1.3.0, < 7.7.0
  • HIGH7.5CVE-2017-3163lucene-solr - security update
    from 0, < 5.5.4
  • HIGH7.5CVE-2018-1308lucene-solr - security update
    >= 1.2, < 6.6.3
  • HIGH7.1CVE-2026-22444Apache Solr: Insufficient file-access checking in standalone core-creation requests
    >= 8.6.0, < 9.10.1
  • MEDIUM6.5CVE-2023-50290Apache Solr: Host environment variables are published via the Metrics API
    >= 9.0.0, < 9.3.0
  • MEDIUM6.1CVE-2015-8795Improper Neutralization of Input During Web Page Generation in Apache Solr
    from 0, < 5.1.0
  • MEDIUM6.1CVE-2015-8797Improper Neutralization of Input During Web Page Generation in Apache Solr
    from 0, < 5.3.1
  • MEDIUM5.5CVE-2025-24814Apache Solr vulnerable to Execution with Unnecessary Privileges
    from 0, < 9.8.0
  • MEDIUM5.5CVE-2018-8010There is a XML external entity expansion (XXE) vulnerability in Apache Solr config files
    >= 6.6.0, < 6.6.4
  • MEDIUM5.5CVE-2018-8026XML external entity expansion in org.apache.solr:solr-core
    >= 7.0.0, < 7.4.0
  • MEDIUM5.4CVE-2024-52012Apache Solr Relative Path Traversal vulnerability
    >= 6.6, < 9.8.0
  • MEDIUM4.3CVE-2018-11802Incorrect Authorization in Apache Solr
    >= 7.0.0, < 7.7.0
  • CVE-2012-6612lucene-solr - security update
    from 0, < 4.1.0
  • CVE-2013-6408XML Injection in Apache Solr
    from 0, < 4.3.1
  • CVE-2013-6407Apache Solr UpdateRequestHandler for XML resolves XML External Entities
    from 0, < 4.1.0
  • CVE-2013-6397Improper Limitation of a Pathname to a Restricted Directory in Apache Solr
    from 0, < 4.6.0