VIR Vulnerability Intelligence Relay

Package impact

java Maven / org.apache.solr:solr-core

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2017-12629 critical 9.8 9.8 9y ago Remote code execution occurs in Apache Solr before 7.1 with Apache Lucene before 7.1 by exploiting XXE in conjunction with use of a Config API add-listener command to reach the RunExecutableListener … debianubunturedhatjava+1
CVE-2017-9803 high 7.5 7.5 9y ago Apache Solr Kerberos delegation token functionality flaws debianjavaapache
CVE-2017-3163 high 7.5 7.5 9y ago Improper Limitation of a Pathname ('Path Traversal') in org.apache.solr:solr-core debianjavaapache
CVE-2017-7660 high 7.5 7.5 9y ago Apache Solr insecure inter-node communication debianjavaapache
CVE-2012-6612 high 7.5 13y ago Improper Restriction of XML External Entity Reference in Apache Solr debianjavaapache
CVE-2013-6408 medium 6.4 13y ago XML Injection in Apache Solr debianjavaapache
CVE-2013-6407 medium 6.4 13y ago Apache Solr UpdateRequestHandler for XML resolves XML External Entities debianjavaapache
CVE-2015-8797 medium 6.1 6.1 10y ago Cross-site scripting (XSS) vulnerability in webapp/web/js/scripts/plugins.js in the stats page in the Admin UI in Apache Solr before 5.3.1 allows remote attackers to inject arbitrary web script or HT… debianjavaapache
CVE-2015-8795 medium 6.1 6.1 10y ago Multiple cross-site scripting (XSS) vulnerabilities in the Admin UI in Apache Solr before 5.1 allow remote attackers to inject arbitrary web script or HTML via crafted fields that are mishandled duri… debianjavaapache
CVE-2021-29262 medium 5.5 5y ago Improper permission handling in Apache Solr archdebianjava
CVE-2013-6397 medium 4.3 13y ago Improper Limitation of a Pathname to a Restricted Directory in Apache Solr debianjavaapache