Package impact

Maven / org.apache.solr:solr-core

critical high medium low unknown

0

KEV Has exploit

CVE	Severity	CVSS	Risk	Published	Description	Impact
CVE-2017-12629	critical	9.8	9.8	9y ago	Remote code execution occurs in Apache Solr before 7.1 with Apache Lucene before 7.1 by exploiting XXE in conjunction with use of a Config API add-listener command to reach the RunExecutableListener …	+1
CVE-2013-6408	medium	—	6.4	13y ago	XML Injection in Apache Solr
CVE-2013-6407	medium	—	6.4	13y ago	The UpdateRequestHandler for XML in Apache Solr before 4.1 allows remote attackers to have an unspecified impact via XML data containing an external entity declaration in conjunction with an entity r…
CVE-2015-8797	medium	6.1	6.1	10y ago	Cross-site scripting (XSS) vulnerability in webapp/web/js/scripts/plugins.js in the stats page in the Admin UI in Apache Solr before 5.3.1 allows remote attackers to inject arbitrary web script or HT…
CVE-2015-8795	medium	6.1	6.1	10y ago	Multiple cross-site scripting (XSS) vulnerabilities in the Admin UI in Apache Solr before 5.1 allow remote attackers to inject arbitrary web script or HTML via crafted fields that are mishandled duri…
CVE-2021-29262	medium	—	5.5	5y ago	When starting Apache Solr versions prior to 8.8.2, configured with the SaslZkACLProvider or VMParamsAllAndReadonlyDigestZkACLProvider and no existing security.json znode, if the optional read-only us…
CVE-2013-6397	medium	—	4.3	13y ago	Directory traversal vulnerability in SolrResourceLoader in Apache Solr before 4.6 allows remote attackers to read arbitrary files via a .. (dot dot) or full pathname in the tr parameter to solr/selec…
CVE-2019-0193	unknown	—	1.5	7y ago	XML External Entity (XXE) Injection in Apache Solr
CVE-2024-52012	unknown	—	—	1y ago	Apache Solr Relative Path Traversal vulnerability
CVE-2025-24814	unknown	—	—	1y ago	Apache Solr vulnerable to Execution with Unnecessary Privileges
CVE-2023-50292	unknown	—	—	2y ago	Apache Solr Schema Designer blindly "trusts" all configsets
CVE-2023-50291	unknown	—	—	2y ago	Apache Solr can leak certain passwords due to System Property redaction logic inconsistencies
CVE-2023-50386	unknown	—	—	2y ago	Apache Solr: Backup/Restore APIs allow for deployment of executables in malicious ConfigSets
CVE-2020-13957	unknown	—	—	4y ago	Incorrect Authorization in Apache Solr
CVE-2018-1308	unknown	—	—	8y ago	There is a XML external entity expansion (XXE) vulnerability in Apache Solr
CVE-2018-8026	unknown	—	—	8y ago	XML external entity expansion in org.apache.solr:solr-core