Search CVE reports
1 – 10 of 36 results
Core creation allows users to replace “trusted” configset files with arbitrary configuration Solr instances that (1) use the “FileSystemConfigSetService” component (the default in “standalone” or “user-managed” mode), and (2) are...
1 affected package
lucene-solr
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
lucene-solr | Not affected | Not affected | Needs evaluation | Needs evaluation |
Relative Path Traversal vulnerability in Apache Solr. Solr instances running on Windows are vulnerable to arbitrary filepath write-access, due to a lack of input-sanitation in the “configset upload” API. Commonly known as a...
1 affected package
lucene-solr
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
lucene-solr | Not affected | Not affected | Not affected | Not affected |
Insecure Default Initialization of Resource vulnerability in Apache Solr. New ConfigSets that are created via a Restore command, which copy a configSet from the backup and give it a new name, are created without setting the...
1 affected package
lucene-solr
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
lucene-solr | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
Improper Authentication vulnerability in Apache Solr. Solr instances using the PKIAuthenticationPlugin, which is enabled by default when Solr Authentication is used, are vulnerable to Authentication bypass. A fake ending at the...
1 affected package
lucene-solr
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
lucene-solr | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
Improper Control of Dynamically-Managed Code Resources, Unrestricted Upload of File with Dangerous Type, Inclusion of Functionality from Untrusted Control Sphere vulnerability in Apache Solr.This issue affects Apache Solr: from...
1 affected package
lucene-solr
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
lucene-solr | Not affected | Not affected | Not affected | Not affected |
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Solr.This issue affects Apache Solr: from 6.0.0 through 8.11.2, from 9.0.0 before 9.4.1. Solr Streaming Expressions allows users to extract data...
1 affected package
lucene-solr
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
lucene-solr | Not affected | Not affected | Not affected | Not affected |
Incorrect Permission Assignment for Critical Resource, Improper Control of Dynamically-Managed Code Resources vulnerability in Apache Solr. This issue affects Apache Solr: from 8.10.0 through 8.11.2, from 9.0.0 before 9.3.0. The...
1 affected package
lucene-solr
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
lucene-solr | Not affected | Not affected | Not affected | Not affected |
Insufficiently Protected Credentials vulnerability in Apache Solr. This issue affects Apache Solr: from 6.0.0 through 8.11.2, from 9.0.0 before 9.3.0. One of the two endpoints that publishes the Solr process’ Java...
1 affected package
lucene-solr
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
lucene-solr | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Solr. The Solr Metrics API publishes all unprotected environment variables available to each Apache Solr instance. Users are able to specify...
1 affected package
lucene-solr
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
lucene-solr | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
A shortcoming in the HMEF package of poi-scratchpad (Apache POI) allows an attacker to cause an Out of Memory exception. This package is used to read TNEF files (Microsoft Outlook and Microsoft Exchange Server). If an application...
2 affected packages
libapache-poi-java, lucene-solr
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
---|---|---|---|---|
libapache-poi-java | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
lucene-solr | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |