Bitnami package
solr
pkg:bitnami/solr
Vulnerabilities (22)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-22022 | — | >= 5.3.0, < 9.10.1 | 9.10.1 | Jan 21, 2026 | Deployments of Apache Solr 5.3.0 through 9.10.0 that rely on Solr's "Rule Based Authorization Plugin" are vulnerable to allowing unauthorized access to certain Solr APIs, due to insufficiently strict input validation in those components. Only deployments that meet all of the fol | ||
| CVE-2026-22444 | — | >= 8.6.0, < 9.10.1 | 9.10.1 | Jan 21, 2026 | The "create core" API of Apache Solr 8.6 through 9.10.0 lacks sufficient input validation on some API parameters, which can cause Solr to check the existence of and attempt to read file-system paths that should be disallowed by Solr's "allowPaths" security setting https://https: | ||
| CVE-2025-24814 | — | < 9.8.0 | 9.8.0 | Jan 27, 2025 | Core creation allows users to replace "trusted" configset files with arbitrary configuration Solr instances that (1) use the "FileSystemConfigSetService" component (the default in "standalone" or "user-managed" mode), and (2) are running without authentication and authorization | ||
| CVE-2024-52012 | — | >= 6.6.0, < 9.8.0 | 9.8.0 | Jan 27, 2025 | Relative Path Traversal vulnerability in Apache Solr. Solr instances running on Windows are vulnerable to arbitrary filepath write-access, due to a lack of input-sanitation in the "configset upload" API. Commonly known as a "zipslip", maliciously constructed ZIP files can use r | ||
| CVE-2024-45217 | — | >= 6.6.0, < 8.11.4 | 8.11.4 | Oct 16, 2024 | Insecure Default Initialization of Resource vulnerability in Apache Solr. New ConfigSets that are created via a Restore command, which copy a configSet from the backup and give it a new name, are created without setting the "trusted" metadata. ConfigSets that do not contain the | ||
| CVE-2024-45216 | — | >= 5.3.0, < 8.11.4 | 8.11.4 | Oct 16, 2024 | Improper Authentication vulnerability in Apache Solr. Solr instances using the PKIAuthenticationPlugin, which is enabled by default when Solr Authentication is used, are vulnerable to Authentication bypass. A fake ending at the end of any Solr API URL path, will allow requests t | ||
| CVE-2023-50291 | — | >= 6.0.0, < 8.11.3 | 8.11.3 | Feb 9, 2024 | Insufficiently Protected Credentials vulnerability in Apache Solr. This issue affects Apache Solr: from 6.0.0 through 8.11.2, from 9.0.0 before 9.3.0. One of the two endpoints that publishes the Solr process' Java system properties, /admin/info/properties, was only setup to hide | ||
| CVE-2023-50292 | — | >= 6.0.0, < 8.11.3 | 8.11.3 | Feb 9, 2024 | Incorrect Permission Assignment for Critical Resource, Improper Control of Dynamically-Managed Code Resources vulnerability in Apache Solr. This issue affects Apache Solr: from 8.10.0 through 8.11.2, from 9.0.0 before 9.3.0. The Schema Designer was introduced to allow users to | ||
| CVE-2023-50298 | — | >= 6.0.0, < 8.11.3 | 8.11.3 | Feb 9, 2024 | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Solr.This issue affects Apache Solr: from 6.0.0 through 8.11.2, from 9.0.0 before 9.4.1. Solr Streaming Expressions allows users to extract data from other Solr Clouds, using a "zkHost" parameter. | ||
| CVE-2023-50386 | — | >= 6.0.0, < 8.11.3 | 8.11.3 | Feb 9, 2024 | Improper Control of Dynamically-Managed Code Resources, Unrestricted Upload of File with Dangerous Type, Inclusion of Functionality from Untrusted Control Sphere vulnerability in Apache Solr.This issue affects Apache Solr: from 6.0.0 through 8.11.2, from 9.0.0 before 9.4.1. In t | ||
| CVE-2023-50290 | — | >= 9.0.0, < 9.3.0 | 9.3.0 | Jan 15, 2024 | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Solr. The Solr Metrics API publishes all unprotected environment variables available to each Apache Solr instance. Users are able to specify which environment variables to hide, however, the defaul | ||
| CVE-2023-44487 | Hig | 7.5 | KEV | < 9.4.0 | 9.4.0 | Oct 10, 2023 | The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. |
| CVE-2021-44548 | — | < 8.11.1 | 8.11.1 | Dec 23, 2021 | An Improper Input Validation vulnerability in DataImportHandler of Apache Solr allows an attacker to provide a Windows UNC path resulting in an SMB network call being made from the Solr host to another host on the network. If the attacker has wider access to the network, this may | ||
| CVE-2021-33813 | — | >= 8.8.1, < 8.8.2 | 8.8.2 | Jun 16, 2021 | An XXE issue in SAXBuilder in JDOM through 2.0.6 allows attackers to cause a denial of service via a crafted HTTP request. | ||
| CVE-2021-29943 | — | < 8.8.2 | 8.8.2 | Apr 13, 2021 | When using ConfigurableInternodeAuthHadoopPlugin for authentication, Apache Solr versions prior to 8.8.2 would forward/proxy distributed requests using server credentials instead of original client credentials. This would result in incorrect authorization resolution on the receiv | ||
| CVE-2021-29262 | — | < 8.8.2 | 8.8.2 | Apr 13, 2021 | When starting Apache Solr versions prior to 8.8.2, configured with the SaslZkACLProvider or VMParamsAllAndReadonlyDigestZkACLProvider and no existing security.json znode, if the optional read-only user is configured then Solr would not treat that node as a sensitive path and woul | ||
| CVE-2021-27905 | — | < 8.8.2 | 8.8.2 | Apr 13, 2021 | The ReplicationHandler (normally registered at "/replication" under a Solr core) in Apache Solr has a "masterUrl" (also "leaderUrl" alias) parameter that is used to designate another ReplicationHandler on another Solr core to replicate index data into the local core. To prevent a | ||
| CVE-2021-28163 | — | >= 8.8.1, < 8.8.2 | 8.8.2 | Apr 1, 2021 | In Eclipse Jetty 9.4.32 to 9.4.38, 10.0.0.beta2 to 10.0.1, and 11.0.0.beta2 to 11.0.1, if a user uses a webapps directory that is a symlink, the contents of the webapps directory is deployed as a static webapp, inadvertently serving the webapps themselves and anything else that m | ||
| CVE-2020-27223 | — | >= 8.8.1, < 8.8.2 | 8.8.2 | Feb 26, 2021 | In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0.0, and 11.0.0 when Jetty handles a request containing multiple Accept headers with a large number of “quality” (i.e. q) parameters, the server may enter a denial of service (DoS) state due to high CPU usage pr | ||
| CVE-2020-9492 | — | >= 8.6.0, < 8.6.1 | 8.6.1 | Jan 26, 2021 | In Apache Hadoop 3.2.0 to 3.2.1, 3.0.0-alpha1 to 3.1.3, and 2.0.0-alpha to 2.10.0, WebHDFS client might send SPNEGO authorization header to remote URL without proper verification. |
- CVE-2026-22022Jan 21, 2026affected >= 5.3.0, < 9.10.1fixed 9.10.1
Deployments of Apache Solr 5.3.0 through 9.10.0 that rely on Solr's "Rule Based Authorization Plugin" are vulnerable to allowing unauthorized access to certain Solr APIs, due to insufficiently strict input validation in those components. Only deployments that meet all of the fol
- CVE-2026-22444Jan 21, 2026affected >= 8.6.0, < 9.10.1fixed 9.10.1
The "create core" API of Apache Solr 8.6 through 9.10.0 lacks sufficient input validation on some API parameters, which can cause Solr to check the existence of and attempt to read file-system paths that should be disallowed by Solr's "allowPaths" security setting https://https:
- CVE-2025-24814Jan 27, 2025affected < 9.8.0fixed 9.8.0
Core creation allows users to replace "trusted" configset files with arbitrary configuration Solr instances that (1) use the "FileSystemConfigSetService" component (the default in "standalone" or "user-managed" mode), and (2) are running without authentication and authorization
- CVE-2024-52012Jan 27, 2025affected >= 6.6.0, < 9.8.0fixed 9.8.0
Relative Path Traversal vulnerability in Apache Solr. Solr instances running on Windows are vulnerable to arbitrary filepath write-access, due to a lack of input-sanitation in the "configset upload" API. Commonly known as a "zipslip", maliciously constructed ZIP files can use r
- CVE-2024-45217Oct 16, 2024affected >= 6.6.0, < 8.11.4fixed 8.11.4
Insecure Default Initialization of Resource vulnerability in Apache Solr. New ConfigSets that are created via a Restore command, which copy a configSet from the backup and give it a new name, are created without setting the "trusted" metadata. ConfigSets that do not contain the
- CVE-2024-45216Oct 16, 2024affected >= 5.3.0, < 8.11.4fixed 8.11.4
Improper Authentication vulnerability in Apache Solr. Solr instances using the PKIAuthenticationPlugin, which is enabled by default when Solr Authentication is used, are vulnerable to Authentication bypass. A fake ending at the end of any Solr API URL path, will allow requests t
- CVE-2023-50291Feb 9, 2024affected >= 6.0.0, < 8.11.3fixed 8.11.3
Insufficiently Protected Credentials vulnerability in Apache Solr. This issue affects Apache Solr: from 6.0.0 through 8.11.2, from 9.0.0 before 9.3.0. One of the two endpoints that publishes the Solr process' Java system properties, /admin/info/properties, was only setup to hide
- CVE-2023-50292Feb 9, 2024affected >= 6.0.0, < 8.11.3fixed 8.11.3
Incorrect Permission Assignment for Critical Resource, Improper Control of Dynamically-Managed Code Resources vulnerability in Apache Solr. This issue affects Apache Solr: from 8.10.0 through 8.11.2, from 9.0.0 before 9.3.0. The Schema Designer was introduced to allow users to
- CVE-2023-50298Feb 9, 2024affected >= 6.0.0, < 8.11.3fixed 8.11.3
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Solr.This issue affects Apache Solr: from 6.0.0 through 8.11.2, from 9.0.0 before 9.4.1. Solr Streaming Expressions allows users to extract data from other Solr Clouds, using a "zkHost" parameter.
- CVE-2023-50386Feb 9, 2024affected >= 6.0.0, < 8.11.3fixed 8.11.3
Improper Control of Dynamically-Managed Code Resources, Unrestricted Upload of File with Dangerous Type, Inclusion of Functionality from Untrusted Control Sphere vulnerability in Apache Solr.This issue affects Apache Solr: from 6.0.0 through 8.11.2, from 9.0.0 before 9.4.1. In t
- CVE-2023-50290Jan 15, 2024affected >= 9.0.0, < 9.3.0fixed 9.3.0
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Solr. The Solr Metrics API publishes all unprotected environment variables available to each Apache Solr instance. Users are able to specify which environment variables to hide, however, the defaul
- affected < 9.4.0fixed 9.4.0
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
- CVE-2021-44548Dec 23, 2021affected < 8.11.1fixed 8.11.1
An Improper Input Validation vulnerability in DataImportHandler of Apache Solr allows an attacker to provide a Windows UNC path resulting in an SMB network call being made from the Solr host to another host on the network. If the attacker has wider access to the network, this may
- CVE-2021-33813Jun 16, 2021affected >= 8.8.1, < 8.8.2fixed 8.8.2
An XXE issue in SAXBuilder in JDOM through 2.0.6 allows attackers to cause a denial of service via a crafted HTTP request.
- CVE-2021-29943Apr 13, 2021affected < 8.8.2fixed 8.8.2
When using ConfigurableInternodeAuthHadoopPlugin for authentication, Apache Solr versions prior to 8.8.2 would forward/proxy distributed requests using server credentials instead of original client credentials. This would result in incorrect authorization resolution on the receiv
- CVE-2021-29262Apr 13, 2021affected < 8.8.2fixed 8.8.2
When starting Apache Solr versions prior to 8.8.2, configured with the SaslZkACLProvider or VMParamsAllAndReadonlyDigestZkACLProvider and no existing security.json znode, if the optional read-only user is configured then Solr would not treat that node as a sensitive path and woul
- CVE-2021-27905Apr 13, 2021affected < 8.8.2fixed 8.8.2
The ReplicationHandler (normally registered at "/replication" under a Solr core) in Apache Solr has a "masterUrl" (also "leaderUrl" alias) parameter that is used to designate another ReplicationHandler on another Solr core to replicate index data into the local core. To prevent a
- CVE-2021-28163Apr 1, 2021affected >= 8.8.1, < 8.8.2fixed 8.8.2
In Eclipse Jetty 9.4.32 to 9.4.38, 10.0.0.beta2 to 10.0.1, and 11.0.0.beta2 to 11.0.1, if a user uses a webapps directory that is a symlink, the contents of the webapps directory is deployed as a static webapp, inadvertently serving the webapps themselves and anything else that m
- CVE-2020-27223Feb 26, 2021affected >= 8.8.1, < 8.8.2fixed 8.8.2
In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0.0, and 11.0.0 when Jetty handles a request containing multiple Accept headers with a large number of “quality” (i.e. q) parameters, the server may enter a denial of service (DoS) state due to high CPU usage pr
- CVE-2020-9492Jan 26, 2021affected >= 8.6.0, < 8.6.1fixed 8.6.1
In Apache Hadoop 3.2.0 to 3.2.1, 3.0.0-alpha1 to 3.1.3, and 2.0.0-alpha to 2.10.0, WebHDFS client might send SPNEGO authorization header to remote URL without proper verification.
Page 1 of 2