Filter
Versions
6.0.0
9
4.0.0
6
4.0.0-alpha
5
4.0.0-beta
5
7.0.0
5
9.0.0
5
3.6.2
3
4.1.0
3
4.2.0
3
4.2.1
3
4.3.0
3
6.2.0
3
6.2.1
3
6.3.0
3
6.4.0
3
8.8.1
3
1.3.0
2
3.6.0
2
3.6.1
2
4.3.1
2
4.4.0
2
4.5.0
2
4.5.1
2
5.0.0
2
5.5.0
2
5.5.3
2
5.5.4
2
6.0.1
2
6.1.0
2
6.4.1
2
6.4.2
2
6.5.0
2
6.5.1
2
6.6.0
2
8.0.0
2
8.6.2
2
1.0.0
1
1.2
1
1.4.1
1
3.1
1
4.10.0
1
4.10.1
1
4.10.2
1
4.10.4
1
4.6.0
1
4.6.1
1
4.7.0
1
4.7.1
1
4.7.2
1
4.8.0
1
4.8.1
1
4.9.0
1
4.9.1
1
5.0
1
5.2.1
1
5.3
1
5.3.0
1
5.3.1
1
5.3.2
1
5.4.0
1
5.4.1
1
5.5.1
1
5.5.2
1
5.5.5
1
6.6.1
1
6.6.2
1
6.6.3
1
6.6.4
1
6.6.5
1
6.6.6
1
7.0.1
1
7.2.1
1
7.3.0
1
7.3.1
1
7.6.0
1
7.7.3
1
8.1.0
1
8.1.1
1
8.2.0
1
8.3.1
1
8.6.0
1
8.9
1
maven/org.apache.solr:solr-coreApache Solr: System Property redaction logic inconsistency can lead to leaked passwords
7.5
EPSS
0.11%
First published (updated )
maven/org.apache.solr:solr-coreApache Solr: Solr Schema Designer blindly "trusts" all configsets, possibly leading to RCE by unauthenticated users
7.5
EPSS
0.11%
First published (updated )
Apache SolrApache Solr: Solr can expose ZooKeeper credentials via Streaming Expressions
7.5
EPSS
0.05%
First published (updated )
maven/org.apache.solr:solr-coreApache Solr: Backup/Restore APIs allow for deployment of executables in malicious ConfigSets
8.8
EPSS
0.13%
First published (updated )
Apache SolrApache Solr: Host environment variables are published via the Metrics API
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache Tomcat- Rapid Reset HTTP/2 vulnerability
First published (updated )
Apache SolrApache Solr information disclosure vulnerability through DataImportHandler
9.8
First published (updated )
Apache SolrApache Solr Unprivileged users may be able to perform unauthorized read/write to collections
9.1
First published (updated )
Apache SolrMisapplied Zookeeper ACLs can result in leakage of configured authentication and authorization settings
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache SolrSSRF vulnerability with the Replication handler
9.8
First published (updated )
Eclipse JettyEclipse Jetty is vulnerable to a denial of service, caused by an error when handling a request conta…
7.5
First published (updated )
redhat/hadoopIn Apache Hadoop 3.2.0 to 3.2.1, 3.0.0-alpha1 to 3.1.3, and 2.0.0-alpha to 2.10.0, WebHDFS client mi…
8.8
First published (updated )
Apache SolrApache Solr versions 6.6.0 to 6.6.6, 7.0.0 to 7.7.3 and 8.0.0 to 8.6.2 prevents some features consid…
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache SolrIn Apache Solr, the cluster can be partitioned into multiple collections and only a subset of nodes …
4.3
First published (updated )
Oracle Primavera UnifierApache Solr VelocityResponseWriter Plug-In Remote Code Execution Vulnerability
First published (updated )
Apache SolrSolr versions 1.3.0 to 1.4.1, 3.1.0 to 3.6.2 and 4.0.0 to 4.10.4 are vulnerable to an XML resource c…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache SolrApache Solr DataImportHandler Code Injection Vulnerability
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache SolrApache Solr's Kerberos plugin can be configured to use delegation tokens, which allows an applicatio…
7.5
First published (updated )
Apache SolrApache Solr uses a PKI based mechanism to secure inter-node communication when security is enabled. …
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.