Lucene search
K

1311 matches found

Wolfi
Wolfi
added 2026/02/10 7:48 a.m.7 views

CVE-2026-22022 vulnerabilities

Vulnerabilities for packages: solr...

8.2CVSS5.4AI score0.00491EPSS
Exploits0
Wolfi
Wolfi
added 2026/02/10 7:48 a.m.4 views

GHSA-QR3P-2XJ2-Q7HQ vulnerabilities

Vulnerabilities for packages: solr...

5.4AI score
Exploits0
Chainguard
Chainguard
added 2026/02/10 7:17 a.m.8 views

CVE-2026-22022 vulnerabilities

Vulnerabilities for packages: solr...

8.2CVSS5.4AI score0.00491EPSS
Exploits0
Chainguard
Chainguard
added 2026/02/10 7:17 a.m.5 views

GHSA-QR3P-2XJ2-Q7HQ vulnerabilities

Vulnerabilities for packages: solr...

5.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/02/03 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-22022

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Deployments of Apache Solr 5.3.0 through 9.10.0 that rely on Solr's Rule Based Authorization Plugin are vulnerable to allowing unauthorized access to certain So...

8.2CVSS7.2AI score0.00491EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/02/03 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2026-22444

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The create core API of Apache Solr 8.6 through 9.10.0 lacks sufficient input validation on some API parameters, which can cause Solr to check the existence of a...

7.1CVSS7.1AI score0.00654EPSS
Exploits1References2
Wolfi
Wolfi
added 2026/01/28 1:48 p.m.3 views

GHSA-J58C-WW9W-PWP5 vulnerabilities

Vulnerabilities for packages: solr...

5.9AI score
Exploits0
Wolfi
Wolfi
added 2026/01/28 1:48 p.m.13 views

CVE-2025-0716 vulnerabilities

Vulnerabilities for packages: solr...

4.8CVSS5.9AI score0.00375EPSS
Exploits0
Chainguard
Chainguard
added 2026/01/28 1:17 p.m.2 views

GHSA-J58C-WW9W-PWP5 vulnerabilities

Vulnerabilities for packages: solr...

5.9AI score
Exploits0
Chainguard
Chainguard
added 2026/01/28 1:17 p.m.12 views

CVE-2025-0716 vulnerabilities

Vulnerabilities for packages: solr...

4.8CVSS5.9AI score0.00375EPSS
Exploits0
OSV
OSV
added 2026/01/26 2:49 p.m.7 views

BIT-SOLR-2026-22444 Apache Solr: Insufficient file-access checking in standalone core-creation requests

The "create core" API of Apache Solr 8.6 through 9.10.0 lacks sufficient input validation on some API parameters, which can cause Solr to check the existence of and attempt to read file-system paths that should be disallowed by Solr's "allowPaths" security setting...

7.1CVSS5.9AI score0.00654EPSS
Exploits1References3
OSV
OSV
added 2026/01/26 2:49 p.m.4 views

BIT-SOLR-2026-22022 Apache Solr: Unauthorized bypass of certain "predefined permission" rules in the RuleBasedAuthorizationPlugin

Deployments of Apache Solr 5.3.0 through 9.10.0 that rely on Solr's "Rule Based Authorization Plugin" are vulnerable to allowing unauthorized access to certain Solr APIs, due to insufficiently strict input validation in those components. Only deployments that meet all of the following criteria ar...

8.2CVSS5.9AI score0.00491EPSS
Exploits0References3
GithubExploit
GithubExploit
added 2026/01/22 5:55 p.m.172 views

Exploit for CVE-2026-22444

CVE-2026-22444 Apache Solr UNC Path Validation Vulnerability...

7.1CVSS5.7AI score0.00654EPSS
Exploits1
OSV
OSV
added 2026/01/21 3:31 p.m.4 views

GHSA-VC2W-4V3P-2MQW Apache Solr: Insufficient file-access checking in standalone core-creation requests

The "create core" API of Apache Solr 8.6 through 9.10.0 lacks sufficient input validation on some API parameters, which can cause Solr to check the existence of and attempt to read file-system paths that should be disallowed by Solr's "allowPaths" security setting...

7.1CVSS5.9AI score0.00654EPSS
Exploits1References5
OSV
OSV
added 2026/01/21 3:31 p.m.1 views

GHSA-QR3P-2XJ2-Q7HQ Apache Solr: Unauthorized bypass of certain "predefined permission" rules in the RuleBasedAuthorizationPlugin

Deployments of Apache Solr 5.3.0 through 9.10.0 that rely on Solr's "Rule Based Authorization Plugin" are vulnerable to allowing unauthorized access to certain Solr APIs, due to insufficiently strict input validation in those components. Only deployments that meet all of the following criteria ar...

8.2CVSS6AI score0.00491EPSS
Exploits0References6
Snyk
Snyk
added 2026/01/21 3:31 p.m.5 views

Files or Directories Accessible to External Parties

Overview org.apache.solr:solr-core is an open source enterprise search platform built on Apache Lucene Affected versions of this package are vulnerable to Files or Directories Accessible to External Parties in the AllowPathBuilder behavior accessible via the create core API. An attacker can read...

7.1CVSS5.7AI score0.00654EPSS
Exploits1References2
Snyk
Snyk
added 2026/01/21 3:31 p.m.2 views

Missing Authorization

Overview org.apache.solr:solr-core is an open source enterprise search platform built on Apache Lucene Affected versions of this package are vulnerable to Missing Authorization in the Rule Based Authorization Plugin, by which the getPermissionName function can be forced to return null. An attacke...

8.3CVSS5.7AI score0.00491EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/01/21 3:31 p.m.9 views

Apache Solr: Unauthorized bypass of certain "predefined permission" rules in the RuleBasedAuthorizationPlugin

Deployments of Apache Solr 5.3.0 through 9.10.0 that rely on Solr's "Rule Based Authorization Plugin" are vulnerable to allowing unauthorized access to certain Solr APIs, due to insufficiently strict input validation in those components. Only deployments that meet all of the following criteria ar...

8.2CVSS5.6AI score0.00491EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/01/21 3:31 p.m.9 views

Apache Solr: Insufficient file-access checking in standalone core-creation requests

The "create core" API of Apache Solr 8.6 through 9.10.0 lacks sufficient input validation on some API parameters, which can cause Solr to check the existence of and attempt to read file-system paths that should be disallowed by Solr's "allowPaths" security setting...

7.1CVSS5.5AI score0.00654EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2026/01/21 2:16 p.m.6 views

CVE-2026-22022

Deployments of Apache Solr 5.3.0 through 9.10.0 that rely on Solr's "Rule Based Authorization Plugin" are vulnerable to allowing unauthorized access to certain Solr APIs, due to insufficiently strict input validation in those components. Only deployments that meet all of the following criteria ar...

8.2CVSS0.00491EPSS
Exploits0References2
Rows per page
Query Builder