org.apache.solr:solr-parent (Maven) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the Maven package org.apache.solr:solr-parent, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (6)
CVE-2020-13957 — CVSS 9.8 (critical): Apache Solr versions 6.6.0 to 6.6.6, 7.0.0 to 7.7.3 and 8.0.0 to 8.6.2 prevents some features considered dangerous (which could be used for…
CVE-2021-27905 — CVSS 9.8 (critical): The ReplicationHandler (normally registered at "/replication" under a Solr core) in Apache Solr has a "masterUrl" (also "leaderUrl" alias)…
CVE-2021-44548 — CVSS 9.8 (critical): An Improper Input Validation vulnerability in DataImportHandler of Apache Solr allows an attacker to provide a Windows UNC path resulting…
CVE-2021-29943 — CVSS 9.1 (critical): When using ConfigurableInternodeAuthHadoopPlugin for authentication, Apache Solr versions prior to 8.8.2 would forward/proxy distributed…
CVE-2020-13941 — CVSS 8.8 (high): Reported in SOLR-14515 (private) and fixed in SOLR-14561 (public), released in Solr version 8.6.0. The Replication handler…
CVE-2018-11802 — CVSS 4.3 (medium): In Apache Solr, the cluster can be partitioned into multiple collections and only a subset of nodes actually host any given collection…