Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

Apache Solr — Vulnerabilities & Security Advisories 28

All 28 CVE vulnerabilities found in Apache Solr, with AI-generated Chinese analysis, references, and POCs.

Vendor: Apache Software Foundation

CVE IDTitleCVSSSeverityPaused
CVE-2026-22022 Apache Solr: Unauthorized bypass of certain "predefined permission" rules in the RuleBasedAuthorizationPlugin CWE-285 9.8AICriticalAI2026-01-21
CVE-2026-22444 Apache Solr: Insufficient file-access checking in standalone core-creation requests CWE-20 5.3AIMediumAI2026-01-21
CVE-2025-24814 Apache Solr: Core-creation with "trusted" configset can use arbitrary untrusted files CWE-250 9.8 -2025-01-27
CVE-2024-52012 Apache Solr: Configset upload on Windows allows arbitrary path write-access CWE-23 7.7 -2025-01-27
CVE-2024-45217 Apache Solr: ConfigSets created during a backup restore command are trusted implicitly CWE-1188 8.8 -2024-10-16
CVE-2024-45216 Apache Solr: Authentication bypass possible using a fake URL Path ending CWE-287 9.8 -2024-10-16
CVE-2023-50291 Apache Solr: System Property redaction logic inconsistency can lead to leaked passwords CWE-522 7.5 -2024-02-09
CVE-2023-50292 Apache Solr: Solr Schema Designer blindly "trusts" all configsets, possibly leading to RCE by unauthenticated users CWE-732 9.8 -2024-02-09
CVE-2023-50298 Apache Solr: Solr can expose ZooKeeper credentials via Streaming Expressions CWE-200 7.5 -2024-02-09
CVE-2023-50386 Apache Solr: Backup/Restore APIs allow for deployment of executables in malicious ConfigSets CWE-434 9.8 -2024-02-09
CVE-2023-50290 Apache Solr: Host environment variables are published via the Metrics API CWE-200 7.5 -2024-01-15
CVE-2021-44548 Apache Solr information disclosure vulnerability through DataImportHandler CWE-40 8.8 -2021-12-23
CVE-2021-29943 Apache Solr Unprivileged users may be able to perform unauthorized read/write to collections CWE-863 9.1 -2021-04-13
CVE-2021-29262 Misapplied Zookeeper ACLs can result in leakage of configured authentication and authorization settings CWE-522 7.5 -2021-04-13
CVE-2021-27905 SSRF vulnerability with the Replication handler CWE-918 9.1 -2021-04-13
CVE-2020-13957 Apache Solr 安全漏洞 9.8 -2020-10-13
CVE-2020-13941 Apache Solr 输入验证错误漏洞 8.8 -2020-08-17
CVE-2018-11802 Apache Solr 安全漏洞 7.1 -2020-04-01
CVE-2019-17558 Apache Solr 注入漏洞 7.5 -2019-12-30
CVE-2019-0193 Apache Solr 代码注入漏洞 7.2 -2019-08-01
CVE-2017-3164 Apache Solr 代码问题漏洞 6.5 -2019-03-08
CVE-2019-0192 Apache Solr 代码问题漏洞 9.8 -2019-03-07
CVE-2018-8026 Apache Solr 安全漏洞 6.5 -2018-07-05
CVE-2018-8010 Apache Solr 安全漏洞 5.5 -2018-05-21
CVE-2018-1308 Apache Solr DataImportHandler 安全漏洞 7.5 -2018-04-09
CVE-2017-9803 Apache Solr 授权问题漏洞 8.8 -2017-09-18
CVE-2017-3163 Apache Solr 安全漏洞 7.5 -2017-08-30
CVE-2017-7660 Apache Solr 安全漏洞 --2017-07-07

All 28 known CVE vulnerabilities affecting Apache Solr with full Chinese analysis, references, and POCs where available.