Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.apache.solr/solr-parent@8.11.1
Typemaven
Namespaceorg.apache.solr
Namesolr-parent
Version8.11.1
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-a4yf-9j54-e3cp
vulnerability_id VCID-a4yf-9j54-e3cp
summary 
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
An Improper Input Validation vulnerability in DataImportHandler of Apache Solr allows an attacker to provide a Windows UNC path resulting in an SMB network call being made from the Solr host to another host on the network. If the attacker has wider access to the network, this may lead to SMB attacks, which may result in: * The exfiltration of sensitive data such as OS user hashes (NTLM/LM hashes), * In case of misconfigured systems, SMB Relay Attacks which can lead to user impersonation on SMB Shares or, in a worse-case scenario, Remote Code Execution This issue affects all Apache Solr This issue only affects Windows.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-44548
reference_id
reference_type
scores
0
value 0.0666
scoring_system epss
scoring_elements 0.9124
published_at 2026-04-18T12:55:00Z
1
value 0.0666
scoring_system epss
scoring_elements 0.91166
published_at 2026-04-01T12:55:00Z
2
value 0.0666
scoring_system epss
scoring_elements 0.91172
published_at 2026-04-02T12:55:00Z
3
value 0.0666
scoring_system epss
scoring_elements 0.9118
published_at 2026-04-04T12:55:00Z
4
value 0.0666
scoring_system epss
scoring_elements 0.91187
published_at 2026-04-07T12:55:00Z
5
value 0.0666
scoring_system epss
scoring_elements 0.91201
published_at 2026-04-08T12:55:00Z
6
value 0.0666
scoring_system epss
scoring_elements 0.91207
published_at 2026-04-09T12:55:00Z
7
value 0.0666
scoring_system epss
scoring_elements 0.91214
published_at 2026-04-11T12:55:00Z
8
value 0.0666
scoring_system epss
scoring_elements 0.91217
published_at 2026-04-13T12:55:00Z
9
value 0.0666
scoring_system epss
scoring_elements 0.91241
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-44548
1
reference_url https://github.com/apache/solr
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/solr
2
reference_url https://security.netapp.com/advisory/ntap-20220114-0005
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20220114-0005
3
reference_url https://security.netapp.com/advisory/ntap-20220114-0005/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20220114-0005/
4
reference_url https://solr.apache.org/security.html#cve-2021-44548-apache-solr-information-disclosure-vulnerability-through-dataimporthandler
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://solr.apache.org/security.html#cve-2021-44548-apache-solr-information-disclosure-vulnerability-through-dataimporthandler
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-44548
reference_id CVE-2021-44548
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-44548
6
reference_url https://github.com/advisories/GHSA-pccr-q7v9-5f27
reference_id GHSA-pccr-q7v9-5f27
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-pccr-q7v9-5f27
fixed_packages
0
url pkg:maven/org.apache.solr/solr-parent@8.11.1
purl pkg:maven/org.apache.solr/solr-parent@8.11.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-parent@8.11.1
aliases CVE-2021-44548, GHSA-pccr-q7v9-5f27
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a4yf-9j54-e3cp
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-parent@8.11.1