Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 10:38 a.m.10 views

CVE-2024-52012

Relative Path Traversal vulnerability in Apache Solr. Solr instances running on Windows are vulnerable to arbitrary filepath write-access, due to a lack of input-sanitation in the "configset upload" API. Commonly known as a "zipslip", maliciously constructed ZIP files can use relative filepaths t...

5.4CVSS7AI score0.43312EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/14 8:34 a.m.20 views

Security Bulletin: Vulnerabilities in Apache Solr (lucene) affect IBM Operations Analytics - Log Analysis (CVE-2025-24814, CVE-2024-52012)

Summary There are vulnerabilities in privilege escalation and arbitrary filepath write-access that affect Apache Solr used by IBM Operations Analytics - Log Analysis. Vulnerability Details CVEID:CVE-2025-24814 DESCRIPTION: Core creation allows users to replace "trusted" configset files with...

5.5CVSS7.9AI score0.43312EPSS
Exploits0Affected Software1
NVD
NVD
added 2025/01/27 9:15 a.m.17 views

CVE-2024-52012

Relative Path Traversal vulnerability in Apache Solr. Solr instances running on Windows are vulnerable to arbitrary filepath write-access, due to a lack of input-sanitation in the "configset upload" API. Commonly known as a "zipslip", maliciously constructed ZIP files can use relative filepaths t...

5.4CVSS0.43312EPSS
Exploits0References2
OSV
OSV
added 2025/01/27 9:15 a.m.6 views

CVE-2024-52012

Relative Path Traversal vulnerability in Apache Solr. Solr instances running on Windows are vulnerable to arbitrary filepath write-access, due to a lack of input-sanitation in the "configset upload" API. Commonly known as a "zipslip", maliciously constructed ZIP files can use relative filepaths t...

5.4CVSS7.3AI score
Exploits0References2
Cvelist
Cvelist
added 2025/01/27 8:54 a.m.18 views

CVE-2024-52012 Apache Solr: Configset upload on Windows allows arbitrary path write-access

Relative Path Traversal vulnerability in Apache Solr. Solr instances running on Windows are vulnerable to arbitrary filepath write-access, due to a lack of input-sanitation in the "configset upload" API. Commonly known as a "zipslip", maliciously constructed ZIP files can use relative filepaths t...

0.43312EPSS
Exploits0References1
CVE
CVE
added 2025/01/27 8:54 a.m.136 views

CVE-2024-52012

Apache Solr (Windows) is affected by CVE-2024-52012: a relative path traversal (zip slip) via the configset upload API that can allow arbitrary file writes to the filesystem. Affected versions are Solr 6.6 through 9.7.0. The root cause is insufficient input sanitation in the configset upload path...

5.4CVSS9.6AI score0.43312EPSS
Exploits0References2Affected Software1
UbuntuCve
UbuntuCve
added 2025/01/27 12:0 a.m.10 views

CVE-2024-52012

Relative Path Traversal vulnerability in Apache Solr. Solr instances running on Windows are vulnerable to arbitrary filepath write-access, due to a lack of input-sanitation in the "configset upload" API. Commonly known as a "zipslip", maliciously constructed ZIP files can use relative filepaths t...

5.4CVSS7.3AI score0.43312EPSS
Exploits0References5
Circl
Circl
added 2025/01/26 12:59 p.m.10 views

CVE-2024-52012

creationtimestamp| type| source ---|---|--- 2025-01-26 12:59:42+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3lgni6bsoic22 2025-01-27 08:56:13+00:00| seen| https://infosec.exchange/users/cve/statuses/113899482179871247 2025-01-27 09:15:32+00:00| seen|...

5.4CVSS7.2AI score0.43312EPSS
Exploits0References9
Rows per page
Query Builder