| Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
|---|
| CVE-2023-50386 | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | Improper Control of Dynamically-Managed Code Resources, Unrestricted U ... |
| CVE-2023-50298 | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ... |
| CVE-2023-50292 | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | Incorrect Permission Assignment for Critical Resource, Improper Contro ... |
| CVE-2023-50291 | vulnerable | vulnerable | vulnerable | fixed | fixed | fixed | fixed | Insufficiently Protected Credentials vulnerability in Apache Solr. Th ... |
| CVE-2021-27905 | vulnerable | vulnerable (no DSA, postponed) | vulnerable (no DSA, ignored) | fixed | fixed | fixed | fixed | The ReplicationHandler (normally registered at "/replication" under a ... |
| CVE-2020-13941 | vulnerable | vulnerable (no DSA, ignored) | vulnerable (no DSA, ignored) | fixed | fixed | fixed | fixed | Reported in SOLR-14515 (private) and fixed in SOLR-14561 (public), rel ... |
| Bug | Description |
|---|
| CVE-2024-45217 | Insecure Default Initialization of Resource vulnerability in Apache So ... |
| CVE-2024-45216 | Improper Authentication vulnerability in Apache Solr. Solr instances ... |
| CVE-2023-50290 | Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ... |
| CVE-2021-44548 | An Improper Input Validation vulnerability in DataImportHandler of Apa ... |
| CVE-2021-29943 | When using ConfigurableInternodeAuthHadoopPlugin for authentication, A ... |
| CVE-2021-29262 | When starting Apache Solr versions prior to 8.8.2, configured with the ... |
| CVE-2020-13957 | Apache Solr versions 6.6.0 to 6.6.6, 7.0.0 to 7.7.3 and 8.0.0 to 8.6.2 ... |
| CVE-2019-12409 | The 8.1.1 and 8.2.0 releases of Apache Solr contain an insecure settin ... |
| CVE-2019-12401 | Solr versions 1.3.0 to 1.4.1, 3.1.0 to 3.6.2 and 4.0.0 to 4.10.4 are v ... |
| CVE-2019-0193 | In Apache Solr, the DataImportHandler, an optional but popular module ... |
| CVE-2019-0192 | In Apache Solr versions 5.0.0 to 5.5.5 and 6.0.0 to 6.6.5, the Config ... |
| CVE-2018-11802 | In Apache Solr, the cluster can be partitioned into multiple collectio ... |
| CVE-2018-8026 | This vulnerability in Apache Solr 6.0.0 to 6.6.4 and 7.0.0 to 7.3.1 re ... |
| CVE-2018-8010 | This vulnerability in Apache Solr 6.0.0 to 6.6.3, 7.0.0 to 7.3.0 relat ... |
| CVE-2018-1308 | This vulnerability in Apache Solr 1.2 to 6.6.2 and 7.0.0 to 7.2.1 rela ... |
| CVE-2017-12629 | Remote code execution occurs in Apache Solr before 7.1 with Apache Luc ... |
| CVE-2017-9803 | Apache Solr's Kerberos plugin can be configured to use delegation toke ... |
| CVE-2017-7660 | Apache Solr uses a PKI based mechanism to secure inter-node communicat ... |
| CVE-2017-3163 | When using the Index Replication feature, Apache Solr nodes can pull i ... |
| CVE-2015-8797 | Cross-site scripting (XSS) vulnerability in webapp/web/js/scripts/plug ... |
| CVE-2015-8796 | Cross-site scripting (XSS) vulnerability in webapp/web/js/scripts/sche ... |
| CVE-2015-8795 | Multiple cross-site scripting (XSS) vulnerabilities in the Admin UI in ... |
| CVE-2014-3628 | Cross-site scripting (XSS) vulnerability in the Admin UI Plugin / Stat ... |
| CVE-2013-6408 | The DocumentAnalysisRequestHandler in Apache Solr before 4.3.1 does no ... |
| CVE-2013-6407 | The UpdateRequestHandler for XML in Apache Solr before 4.1 allows remo ... |
| CVE-2013-6397 | Directory traversal vulnerability in SolrResourceLoader in Apache Solr ... |
| CVE-2012-6612 | The (1) UpdateRequestHandler for XSLT or (2) XPathEntityProcessor in A ... |