VIR Vulnerability Intelligence Relay

Package impact

java Maven / org.apache.solr:solr-core

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2017-12629 critical 9.8 9.8 9y ago Remote code execution occurs in Apache Solr before 7.1 with Apache Lucene before 7.1 by exploiting XXE in conjunction with use of a Config API add-listener command to reach the RunExecutableListener … debianubunturedhatjava+1
CVE-2017-9803 high 7.5 7.5 9y ago Apache Solr's Kerberos plugin can be configured to use delegation tokens, which allows an application to reuse the authentication of an end-user or another application. There are two issues with this… debianjavaapache
CVE-2017-3163 high 7.5 7.5 9y ago Improper Limitation of a Pathname ('Path Traversal') in org.apache.solr:solr-core debianjavaapache
CVE-2017-7660 high 7.5 7.5 9y ago Apache Solr uses a PKI based mechanism to secure inter-node communication when security is enabled. It is possible to create a specially crafted node name that does not exist as part of the cluster a… debianjavaapache
CVE-2012-6612 high 7.5 13y ago Improper Restriction of XML External Entity Reference in Apache Solr debianjavaapache