Package impact

Maven / org.apache.solr:solr-core

critical high medium low unknown

0

KEV Has exploit

CVE	Severity	CVSS	Risk	Published	Description	Impact
CVE-2017-12629	critical	9.8	9.8	9y ago	Remote code execution occurs in Apache Solr before 7.1 with Apache Lucene before 7.1 by exploiting XXE in conjunction with use of a Config API add-listener command to reach the RunExecutableListener …	+1
CVE-2017-9803	high	7.5	7.5	9y ago	Apache Solr's Kerberos plugin can be configured to use delegation tokens, which allows an application to reuse the authentication of an end-user or another application. There are two issues with this…
CVE-2017-3163	high	7.5	7.5	9y ago	Improper Limitation of a Pathname ('Path Traversal') in org.apache.solr:solr-core
CVE-2017-7660	high	7.5	7.5	9y ago	Apache Solr uses a PKI based mechanism to secure inter-node communication when security is enabled. It is possible to create a specially crafted node name that does not exist as part of the cluster a…
CVE-2012-6612	high	—	7.5	13y ago	Improper Restriction of XML External Entity Reference in Apache Solr
CVE-2019-0193	unknown	—	1.5	7y ago	XML External Entity (XXE) Injection in Apache Solr
CVE-2024-52012	unknown	—	—	1y ago	Apache Solr Relative Path Traversal vulnerability
CVE-2025-24814	unknown	—	—	1y ago	Apache Solr vulnerable to Execution with Unnecessary Privileges
CVE-2023-50292	unknown	—	—	2y ago	Apache Solr Schema Designer blindly "trusts" all configsets
CVE-2023-50291	unknown	—	—	2y ago	Apache Solr can leak certain passwords due to System Property redaction logic inconsistencies
CVE-2023-50386	unknown	—	—	2y ago	Apache Solr: Backup/Restore APIs allow for deployment of executables in malicious ConfigSets
CVE-2020-13957	unknown	—	—	4y ago	Incorrect Authorization in Apache Solr
CVE-2018-1308	unknown	—	—	8y ago	There is a XML external entity expansion (XXE) vulnerability in Apache Solr
CVE-2018-8026	unknown	—	—	8y ago	XML external entity expansion in org.apache.solr:solr-core