Package Instance
Look up vulnerable packages by Package URL.
GET /api/packages/28865?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/28865?format=api", "purl": "pkg:maven/org.apache.solr/solr-core@8.11.3", "type": "maven", "namespace": "org.apache.solr", "name": "solr-core", "version": "8.11.3", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "9.10.1", "latest_non_vulnerable_version": "9.10.1", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83447?format=api", "vulnerability_id": "VCID-ayj5-uq2f-j7g5", "summary": "Deployments of Apache Solr 5.3.0 through 9.10.0 that rely on Solr's \"Rule Based Authorization Plugin\" are vulnerable to allowing unauthorized access to certain Solr APIs, due to insufficiently strict input validation in those components. Only deployments that meet all of the following criteria are impacted by this vulnerability:\n\n * Use of Solr's \"RuleBasedAuthorizationPlugin\"\n * A RuleBasedAuthorizationPlugin config (see security.json) that specifies multiple \"roles\"\n * A RuleBasedAuthorizationPlugin permission list (see security.json) that uses one or more of the following pre-defined permission rules: \"config-read\", \"config-edit\", \"schema-read\", \"metrics-read\", or \"security-read\".\n * A RuleBasedAuthorizationPlugin permission list that doesn't define the \"all\" pre-defined permission\n * A networking setup that allows clients to make unfiltered network requests to Solr. (i.e. user-submitted HTTP/HTTPS requests reach Solr as-is, unmodified or restricted by any intervening proxy or gateway)\n\nUsers can mitigate this vulnerability by ensuring that their RuleBasedAuthorizationPlugin configuration specifies the \"all\" pre-defined permission and associates the permission with an \"admin\" or other privileged role. 
Users can also upgrade to a Solr version outside of the impacted range, such as the recently released Solr 9.10.1.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22022.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22022.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-22022", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00236", "scoring_system": "epss", "scoring_elements": "0.4695", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00236", "scoring_system": "epss", "scoring_elements": "0.46964", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00236", "scoring_system": "epss", "scoring_elements": "0.46808", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-22022" }, { "reference_url": "https://github.com/apache/solr", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/solr" }, { "reference_url": "https://github.com/apache/solr/commit/c135e6335c7158fa26e96b0dc386f825255b47c0", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/solr/commit/c135e6335c7158fa26e96b0dc386f825255b47c0" }, { "reference_url": "https://issues.apache.org/jira/browse/SOLR-18054", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", 
"scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://issues.apache.org/jira/browse/SOLR-18054" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2026/01/20/4", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2026/01/20/4" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431603", "reference_id": "2431603", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431603" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22022", "reference_id": "CVE-2026-22022", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22022" }, { "reference_url": "https://lists.apache.org/thread/d59hqbgo7p62myq7mgfpz7or8n1j7wbn", "reference_id": "d59hqbgo7p62myq7mgfpz7or8n1j7wbn", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:34:12Z/" } ], "url": "https://lists.apache.org/thread/d59hqbgo7p62myq7mgfpz7or8n1j7wbn" }, { "reference_url": "https://github.com/advisories/GHSA-qr3p-2xj2-q7hq", "reference_id": "GHSA-qr3p-2xj2-q7hq", "reference_type": "", "scores": [ { "value": "HIGH", 
"scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-qr3p-2xj2-q7hq" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/38019?format=api", "purl": "pkg:maven/org.apache.solr/solr-core@9.10.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@9.10.1" } ], "aliases": [ "CVE-2026-22022", "GHSA-qr3p-2xj2-q7hq" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ayj5-uq2f-j7g5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/124178?format=api", "vulnerability_id": "VCID-gjzx-m3cq-xqgz", "summary": "Core creation allows users to replace \"trusted\" configset files with arbitrary configuration\n\nSolr instances that (1) use the \"FileSystemConfigSetService\" component (the default in \"standalone\" or \"user-managed\" mode), and (2) are running without authentication and authorization are vulnerable to a sort of privilege escalation wherein individual \"trusted\" configset files can be ignored in favor of potentially-untrusted replacements available elsewhere on the filesystem. These replacement config files are treated as \"trusted\" and can use \"<lib>\" tags to add to Solr's classpath, which an attacker might use to load malicious code as a searchComponent or other plugin.\n\nThis issue affects all Apache Solr versions up through Solr 9.7. Users can protect against the vulnerability by enabling authentication and authorization on their Solr clusters or switching to SolrCloud (and away from \"FileSystemConfigSetService\"). 
Users are also recommended to upgrade to Solr 9.8.0, which mitigates this issue by disabling use of \"<lib>\" tags by default.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-24814.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-24814.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24814", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00777", "scoring_system": "epss", "scoring_elements": "0.74168", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00777", "scoring_system": "epss", "scoring_elements": "0.7408", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00777", "scoring_system": "epss", "scoring_elements": "0.74153", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-24814" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24814", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24814" }, { "reference_url": "https://github.com/apache/solr", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/solr" }, { "reference_url": "https://github.com/apache/solr/commit/f492e24881c5724a1b1baecfc9549e2cb0257525", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U" }, { "value": "HIGH", "scoring_system": "generic_textual", 
"scoring_elements": "" } ], "url": "https://github.com/apache/solr/commit/f492e24881c5724a1b1baecfc9549e2cb0257525" }, { "reference_url": "https://issues.apache.org/jira/browse/SOLR-16781", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://issues.apache.org/jira/browse/SOLR-16781" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24814", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24814" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20250214-0002", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20250214-0002" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2025/01/26/1", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2025/01/26/1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2342221", "reference_id": "2342221", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2342221" }, { 
"reference_url": "https://github.com/advisories/GHSA-68r2-fwcg-qpm8", "reference_id": "GHSA-68r2-fwcg-qpm8", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-68r2-fwcg-qpm8" }, { "reference_url": "https://lists.apache.org/thread/gl291pn8x9f9n52ys5l0pc0b6qtf0qw1", "reference_id": "gl291pn8x9f9n52ys5l0pc0b6qtf0qw1", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-27T14:10:58Z/" } ], "url": "https://lists.apache.org/thread/gl291pn8x9f9n52ys5l0pc0b6qtf0qw1" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/376880?format=api", "purl": "pkg:maven/org.apache.solr/solr-core@9.8.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ayj5-uq2f-j7g5" }, { "vulnerability": "VCID-ypww-89jz-rkgy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@9.8.0" } ], "aliases": [ "CVE-2025-24814", "GHSA-68r2-fwcg-qpm8" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gjzx-m3cq-xqgz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/43567?format=api", "vulnerability_id": "VCID-s2n1-qdzh-kqbg", "summary": "Relative Path Traversal vulnerability in Apache Solr.\n\nSolr instances running on Windows are vulnerable to arbitrary filepath write-access, due to a lack of input-sanitation in the \"configset upload\" API. 
Commonly known as a \"zipslip\", maliciously constructed ZIP files can use relative filepaths to write data to unanticipated parts of the filesystem. \nThis issue affects Apache Solr: from 6.6 through 9.7.0.\n\nUsers are recommended to upgrade to version 9.8.0, which fixes the issue. Users unable to upgrade may also safely prevent the issue by using Solr's \"Rule-Based Authorization Plugin\" to restrict access to the configset upload API, so that it can only be accessed by a trusted set of administrators/users.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-52012", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.13709", "scoring_system": "epss", "scoring_elements": "0.94448", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.13709", "scoring_system": "epss", "scoring_elements": "0.94453", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.13709", "scoring_system": "epss", "scoring_elements": "0.94429", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-52012" }, { "reference_url": "https://github.com/apache/solr", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/solr" }, { "reference_url": "https://github.com/apache/solr/commit/5795edd143b8fcb2ffaf7f278a099b8678adf396", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/solr/commit/5795edd143b8fcb2ffaf7f278a099b8678adf396" }, { "reference_url": 
"https://issues.apache.org/jira/browse/SOLR-17543", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://issues.apache.org/jira/browse/SOLR-17543" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-52012", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-52012" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2025/01/26/2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2025/01/26/2" }, { "reference_url": "https://github.com/advisories/GHSA-4p5m-gvpf-f3x5", "reference_id": "GHSA-4p5m-gvpf-f3x5", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-4p5m-gvpf-f3x5" }, { "reference_url": "https://lists.apache.org/thread/yp39pgbv4vf1746pf5yblz84lv30vfxd", "reference_id": "yp39pgbv4vf1746pf5yblz84lv30vfxd", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "6.6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": 
"ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-27T13:34:11Z/" } ], "url": "https://lists.apache.org/thread/yp39pgbv4vf1746pf5yblz84lv30vfxd" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/376880?format=api", "purl": "pkg:maven/org.apache.solr/solr-core@9.8.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ayj5-uq2f-j7g5" }, { "vulnerability": "VCID-ypww-89jz-rkgy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@9.8.0" } ], "aliases": [ "CVE-2024-52012", "GHSA-4p5m-gvpf-f3x5" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s2n1-qdzh-kqbg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83803?format=api", "vulnerability_id": "VCID-ypww-89jz-rkgy", "summary": "The \"create core\" API of Apache Solr 8.6 through 9.10.0 lacks sufficient input validation on some API parameters, which can cause Solr to check the existence of and attempt to read file-system paths that should be disallowed by Solr's \"allowPaths\" security setting https://solr.apache.org/guide/solr/latest/configuration-guide/configuring-solr-xml.html#the-solr-element . These read-only accesses can allow users to create cores using unexpected configsets if any are accessible via the filesystem. On Windows systems configured to allow UNC paths this can additionally cause disclosure of NTLM \"user\" hashes. \n\nSolr deployments are subject to this vulnerability if they meet the following criteria:\n * Solr is running in its \"standalone\" mode.\n * Solr's \"allowPaths\" setting is being used to restrict file access to certain directories.\n * Solr's \"create core\" API is exposed and accessible to untrusted users. 
This can happen if Solr's RuleBasedAuthorizationPlugin https://solr.apache.org/guide/solr/latest/deployment-guide/rule-based-authorization-plugin.html is disabled, or if it is enabled but the \"core-admin-edit\" predefined permission (or an equivalent custom permission) is given to low-trust (i.e. non-admin) user roles.\n\nUsers can mitigate this by enabling Solr's RuleBasedAuthorizationPlugin (if disabled) and configuring a permission-list that prevents untrusted users from creating new Solr cores. Users should also upgrade to Apache Solr 9.10.1 or greater, which contain fixes for this issue.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22444.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22444.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-22444", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10884", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.1088", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10825", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-22444" }, { "reference_url": "https://github.com/apache/solr", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/solr" }, { "reference_url": "https://issues.apache.org/jira/browse/SOLR-18058", "reference_id": "", "reference_type": "", 
"scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://issues.apache.org/jira/browse/SOLR-18058" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2026/01/20/5", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2026/01/20/5" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431604", "reference_id": "2431604", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431604" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22444", "reference_id": "CVE-2026-22444", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22444" }, { "reference_url": "https://github.com/advisories/GHSA-vc2w-4v3p-2mqw", "reference_id": "GHSA-vc2w-4v3p-2mqw", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-vc2w-4v3p-2mqw" }, { "reference_url": "https://lists.apache.org/thread/qkrb9dd4xrlqmmq73lrhkbfkttto2d1m", "reference_id": "qkrb9dd4xrlqmmq73lrhkbfkttto2d1m", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", 
"scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-21T15:38:26Z/" } ], "url": "https://lists.apache.org/thread/qkrb9dd4xrlqmmq73lrhkbfkttto2d1m" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/38019?format=api", "purl": "pkg:maven/org.apache.solr/solr-core@9.10.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@9.10.1" } ], "aliases": [ "CVE-2026-22444", "GHSA-vc2w-4v3p-2mqw" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ypww-89jz-rkgy" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/146591?format=api", "vulnerability_id": "VCID-hx4j-8q65-kuak", "summary": "Incorrect Permission Assignment for Critical Resource, Improper Control of Dynamically-Managed Code Resources vulnerability in Apache Solr.\n\nThis issue affects Apache Solr: from 8.10.0 through 8.11.2, from 9.0.0 before 9.3.0.\n\nThe Schema Designer was introduced to allow users to more easily configure and test new Schemas and configSets.\nHowever, when the feature was created, the \"trust\" (authentication) of these configSets was not considered.\nExternal library loading is only available to configSets that are \"trusted\" (created by authenticated users), thus non-authenticated users are unable to perform Remote Code Execution.\nSince the Schema Designer loaded configSets without taking their \"trust\" into account, configSets that were created by unauthenticated users were allowed to load external libraries when used in the Schema Designer.\n\nUsers are recommended to upgrade to version 9.3.0, which fixes the issue.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50292.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", 
"scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50292.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-50292", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.46454", "scoring_system": "epss", "scoring_elements": "0.97731", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.46454", "scoring_system": "epss", "scoring_elements": "0.97739", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.46454", "scoring_system": "epss", "scoring_elements": "0.9774", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-50292" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50292", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50292" }, { "reference_url": "https://github.com/apache/lucene-solr/commit/6e9ed203b30958396bdfd41760d426b386646865", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/lucene-solr/commit/6e9ed203b30958396bdfd41760d426b386646865" }, { "reference_url": "https://github.com/apache/solr/commit/d07751cfaa8065bea8bd43f59e758e50d50c2419", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/solr/commit/d07751cfaa8065bea8bd43f59e758e50d50c2419" }, { "reference_url": "https://issues.apache.org/jira/browse/SOLR-16777", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://issues.apache.org/jira/browse/SOLR-16777" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2263579", "reference_id": 
"2263579", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2263579" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/02/09/3", "reference_id": "3", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:33Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/02/09/3" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-50292", "reference_id": "CVE-2023-50292", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-50292" }, { "reference_url": "https://github.com/advisories/GHSA-4wxw-42wx-2wfx", "reference_id": "GHSA-4wxw-42wx-2wfx", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-4wxw-42wx-2wfx" }, { "reference_url": "https://solr.apache.org/security.html#cve-2023-50298-apache-solr-can-expose-zookeeper-credentials-via-streaming-expressions", "reference_id": "security.html#cve-2023-50298-apache-solr-can-expose-zookeeper-credentials-via-streaming-expressions", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:27:33Z/" } ], "url": "https://solr.apache.org/security.html#cve-2023-50298-apache-solr-can-expose-zookeeper-credentials-via-streaming-expressions" } ], "fixed_packages": [ { 
"url": "http://public2.vulnerablecode.io/api/packages/28865?format=api", "purl": "pkg:maven/org.apache.solr/solr-core@8.11.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ayj5-uq2f-j7g5" }, { "vulnerability": "VCID-gjzx-m3cq-xqgz" }, { "vulnerability": "VCID-s2n1-qdzh-kqbg" }, { "vulnerability": "VCID-ypww-89jz-rkgy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@8.11.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/28405?format=api", "purl": "pkg:maven/org.apache.solr/solr-core@9.3.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ayj5-uq2f-j7g5" }, { "vulnerability": "VCID-gjzx-m3cq-xqgz" }, { "vulnerability": "VCID-q96j-15e3-ukex" }, { "vulnerability": "VCID-s2n1-qdzh-kqbg" }, { "vulnerability": "VCID-ypww-89jz-rkgy" }, { "vulnerability": "VCID-z1ex-516q-vyag" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@9.3.0" } ], "aliases": [ "CVE-2023-50292", "GHSA-4wxw-42wx-2wfx" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hx4j-8q65-kuak" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/146640?format=api", "vulnerability_id": "VCID-q96j-15e3-ukex", "summary": "Improper Control of Dynamically-Managed Code Resources, Unrestricted Upload of File with Dangerous Type, Inclusion of Functionality from Untrusted Control Sphere vulnerability in Apache Solr.This issue affects Apache Solr: from 6.0.0 through 8.11.2, from 9.0.0 before 9.4.1.\n\nIn the affected versions, Solr ConfigSets accepted Java jar and class files to be uploaded through the ConfigSets API.\nWhen backing up Solr Collections, these configSet files would be saved to disk when using the LocalFileSystemRepository (the default for backups).\nIf the backup was saved to a directory that Solr uses in its 
ClassPath/ClassLoaders, then the jar and class files would be available to use with any ConfigSet, trusted or untrusted.\n\nWhen Solr is run in a secure way (Authorization enabled), as is strongly suggested, this vulnerability is limited to extending the Backup permissions with the ability to add libraries.\nUsers are recommended to upgrade to version 8.11.3 or 9.4.1, which fix the issue.\nIn these versions, the following protections have been added:\n\n * Users are no longer able to upload files to a configSet that could be executed via a Java ClassLoader.\n * The Backup API restricts saving backups to directories that are used in the ClassLoader.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50386.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50386.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-50386", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.86843", "scoring_system": "epss", "scoring_elements": "0.99451", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.86843", "scoring_system": "epss", "scoring_elements": "0.9945", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.86843", "scoring_system": "epss", "scoring_elements": "0.99449", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-50386" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50386", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50386" }, { "reference_url": "https://github.com/apache/lucene-solr/commit/6c8f24eb9e3fe1cb19058173f2e221de3febfeda", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", 
"scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/lucene-solr/commit/6c8f24eb9e3fe1cb19058173f2e221de3febfeda" }, { "reference_url": "https://github.com/apache/lucene-solr/commit/7e9a2e67f812032a049836c3aa0b18bf5cd717f9", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/lucene-solr/commit/7e9a2e67f812032a049836c3aa0b18bf5cd717f9" }, { "reference_url": "https://github.com/apache/solr/commit/644dd3a6d6780d71030f7070754d2f3adce22859", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/solr/commit/644dd3a6d6780d71030f7070754d2f3adce22859" }, { "reference_url": "https://github.com/apache/solr/commit/c79011e81dada2f9bc4b4df32ffb32152ef81152", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/solr/commit/c79011e81dada2f9bc4b4df32ffb32152ef81152" }, { "reference_url": "https://issues.apache.org/jira/browse/SOLR-16949", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": 
"https://issues.apache.org/jira/browse/SOLR-16949" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/02/09/1", "reference_id": "1", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-04-30T04:00:07Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/02/09/1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2263585", "reference_id": "2263585", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2263585" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-50386", "reference_id": "CVE-2023-50386", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-50386" }, { "reference_url": "https://github.com/advisories/GHSA-37vr-vmg4-jwpw", "reference_id": "GHSA-37vr-vmg4-jwpw", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-37vr-vmg4-jwpw" }, { "reference_url": "https://solr.apache.org/security.html#cve-2023-50386-apache-solr-backuprestore-apis-allow-for-deployment-of-executables-in-malicious-configsets", "reference_id": "security.html#cve-2023-50386-apache-solr-backuprestore-apis-allow-for-deployment-of-executables-in-malicious-configsets", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", 
"scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-04-30T04:00:07Z/" } ], "url": "https://solr.apache.org/security.html#cve-2023-50386-apache-solr-backuprestore-apis-allow-for-deployment-of-executables-in-malicious-configsets" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/28865?format=api", "purl": "pkg:maven/org.apache.solr/solr-core@8.11.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ayj5-uq2f-j7g5" }, { "vulnerability": "VCID-gjzx-m3cq-xqgz" }, { "vulnerability": "VCID-s2n1-qdzh-kqbg" }, { "vulnerability": "VCID-ypww-89jz-rkgy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@8.11.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/28866?format=api", "purl": "pkg:maven/org.apache.solr/solr-core@9.4.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ayj5-uq2f-j7g5" }, { "vulnerability": "VCID-gjzx-m3cq-xqgz" }, { "vulnerability": "VCID-s2n1-qdzh-kqbg" }, { "vulnerability": "VCID-ypww-89jz-rkgy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@9.4.1" } ], "aliases": [ "CVE-2023-50386", "GHSA-37vr-vmg4-jwpw" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q96j-15e3-ukex" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/146642?format=api", "vulnerability_id": "VCID-u2my-znw4-zuaz", "summary": "Insufficiently Protected Credentials vulnerability in Apache Solr.\n\nThis issue affects Apache Solr: from 6.0.0 through 8.11.2, from 9.0.0 before 9.3.0.\nOne of the two endpoints that publishes the Solr process' Java system properties, /admin/info/properties, was only setup to hide system properties that had \"password\" contained in the name.\nThere are a number of 
sensitive system properties, such as \"basicauth\" and \"aws.secretKey\" do not contain \"password\", thus their values were published via the \"/admin/info/properties\" endpoint.\nThis endpoint populates the list of System Properties on the home screen of the Solr Admin page, making the exposed credentials visible in the UI.\n\nThis /admin/info/properties endpoint is protected under the \"config-read\" permission.\nTherefore, Solr Clouds with Authorization enabled will only be vulnerable through logged-in users that have the \"config-read\" permission.\nUsers are recommended to upgrade to version 9.3.0 or 8.11.3, which fixes the issue.\nA single option now controls hiding Java system property for all endpoints, \"-Dsolr.hiddenSysProps\".\nBy default all known sensitive properties are hidden (including \"-Dbasicauth\"), as well as any property with a name containing \"secret\" or \"password\".\n\nUsers who cannot upgrade can also use the following Java system property to fix the issue:\n '-Dsolr.redaction.system.pattern=.*(password|secret|basicauth).*'", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50291.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50291.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-50291", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03074", "scoring_system": "epss", "scoring_elements": "0.87105", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.03074", "scoring_system": "epss", "scoring_elements": "0.87096", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.03074", "scoring_system": "epss", "scoring_elements": "0.87051", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-50291" 
}, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50291", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50291" }, { "reference_url": "https://github.com/apache/solr", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/solr" }, { "reference_url": "https://github.com/apache/solr/commit/659021c7d50164a3166887f24875228431b02102", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/solr/commit/659021c7d50164a3166887f24875228431b02102" }, { "reference_url": "https://github.com/apache/solr/commit/98c198810f2cd934d23d0d80aadb570a2bbb3b8e", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/solr/commit/98c198810f2cd934d23d0d80aadb570a2bbb3b8e" }, { "reference_url": "https://issues.apache.org/jira/browse/SOLR-16809", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://issues.apache.org/jira/browse/SOLR-16809" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2263577", "reference_id": "2263577", "reference_type": "", "scores": [], "url": 
"https://bugzilla.redhat.com/show_bug.cgi?id=2263577" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/02/09/4", "reference_id": "4", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-09T23:30:48Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/02/09/4" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-50291", "reference_id": "CVE-2023-50291", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-50291" }, { "reference_url": "https://github.com/advisories/GHSA-3hwc-rqwp-v36q", "reference_id": "GHSA-3hwc-rqwp-v36q", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-3hwc-rqwp-v36q" }, { "reference_url": "https://solr.apache.org/security.html#cve-2023-50291-apache-solr-can-leak-certain-passwords-due-to-system-property-redaction-logic-inconsistencies", "reference_id": "security.html#cve-2023-50291-apache-solr-can-leak-certain-passwords-due-to-system-property-redaction-logic-inconsistencies", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-09T23:30:48Z/" } ], "url": 
"https://solr.apache.org/security.html#cve-2023-50291-apache-solr-can-leak-certain-passwords-due-to-system-property-redaction-logic-inconsistencies" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/28865?format=api", "purl": "pkg:maven/org.apache.solr/solr-core@8.11.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ayj5-uq2f-j7g5" }, { "vulnerability": "VCID-gjzx-m3cq-xqgz" }, { "vulnerability": "VCID-s2n1-qdzh-kqbg" }, { "vulnerability": "VCID-ypww-89jz-rkgy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@8.11.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/28405?format=api", "purl": "pkg:maven/org.apache.solr/solr-core@9.3.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ayj5-uq2f-j7g5" }, { "vulnerability": "VCID-gjzx-m3cq-xqgz" }, { "vulnerability": "VCID-q96j-15e3-ukex" }, { "vulnerability": "VCID-s2n1-qdzh-kqbg" }, { "vulnerability": "VCID-ypww-89jz-rkgy" }, { "vulnerability": "VCID-z1ex-516q-vyag" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@9.3.0" } ], "aliases": [ "CVE-2023-50291", "GHSA-3hwc-rqwp-v36q" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u2my-znw4-zuaz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/146573?format=api", "vulnerability_id": "VCID-z1ex-516q-vyag", "summary": "Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Solr.This issue affects Apache Solr: from 6.0.0 through 8.11.2, from 9.0.0 before 9.4.1.\n\nSolr Streaming Expressions allows users to extract data from other Solr Clouds, using a \"zkHost\" parameter.\nWhen original SolrCloud is setup to use ZooKeeper credentials and ACLs, they will be sent to whatever \"zkHost\" the user provides.\nAn attacker could setup 
a server to mock ZooKeeper, that accepts ZooKeeper requests with credentials and ACLs and extracts the sensitive information,\nthen send a streaming expression using the mock server's address in \"zkHost\".\nStreaming Expressions are exposed via the \"/streaming\" handler, with \"read\" permissions.\n\nUsers are recommended to upgrade to version 8.11.3 or 9.4.1, which fix the issue.\nFrom these versions on, only zkHost values that have the same server address (regardless of chroot), will use the given ZooKeeper credentials and ACLs when connecting.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50298.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-50298.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-50298", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.2392", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23911", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23715", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-50298" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50298", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50298" }, { "reference_url": "https://github.com/apache/lucene-solr/commit/61c956c426b2cfb85ccef55d1afca4335eacd269", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.9", 
"scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/lucene-solr/commit/61c956c426b2cfb85ccef55d1afca4335eacd269" }, { "reference_url": "https://github.com/apache/solr", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/solr" }, { "reference_url": "https://github.com/apache/solr/commit/e2bf1f434aad873fbb24c21d46ac00e888806d98", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/solr/commit/e2bf1f434aad873fbb24c21d46ac00e888806d98" }, { "reference_url": "https://issues.apache.org/jira/browse/SOLR-17098", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://issues.apache.org/jira/browse/SOLR-17098" }, { "reference_url": 
"http://www.openwall.com/lists/oss-security/2024/02/09/2", "reference_id": "2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-19T16:14:53Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/02/09/2" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2263583", "reference_id": "2263583", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2263583" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/02/09/3", "reference_id": "3", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-19T16:14:53Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/02/09/3" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-50298", "reference_id": "CVE-2023-50298", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P" }, { "value": "MODERATE", "scoring_system": "generic_textual", 
"scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-50298" }, { "reference_url": "https://github.com/advisories/GHSA-xrj7-x7gp-wwqr", "reference_id": "GHSA-xrj7-x7gp-wwqr", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-xrj7-x7gp-wwqr" }, { "reference_url": "https://solr.apache.org/security.html#cve-2023-50298-apache-solr-can-expose-zookeeper-credentials-via-streaming-expressions", "reference_id": "security.html#cve-2023-50298-apache-solr-can-expose-zookeeper-credentials-via-streaming-expressions", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-19T16:14:53Z/" } ], "url": "https://solr.apache.org/security.html#cve-2023-50298-apache-solr-can-expose-zookeeper-credentials-via-streaming-expressions" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/28865?format=api", "purl": "pkg:maven/org.apache.solr/solr-core@8.11.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ayj5-uq2f-j7g5" }, { "vulnerability": "VCID-gjzx-m3cq-xqgz" }, { "vulnerability": "VCID-s2n1-qdzh-kqbg" }, { "vulnerability": "VCID-ypww-89jz-rkgy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@8.11.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/28866?format=api", "purl": "pkg:maven/org.apache.solr/solr-core@9.4.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": 
"VCID-ayj5-uq2f-j7g5" }, { "vulnerability": "VCID-gjzx-m3cq-xqgz" }, { "vulnerability": "VCID-s2n1-qdzh-kqbg" }, { "vulnerability": "VCID-ypww-89jz-rkgy" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@9.4.1" } ], "aliases": [ "CVE-2023-50298", "GHSA-xrj7-x7gp-wwqr" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z1ex-516q-vyag" } ], "risk_score": "4.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-core@8.11.3" }