Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.apache.solr/solr-parent@7.7.0
Typemaven
Namespaceorg.apache.solr
Namesolr-parent
Version7.7.0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version8.11.1
Latest_non_vulnerable_version8.11.1
Affected_by_vulnerabilities
0
url VCID-3vmh-e7x6-3kf6
vulnerability_id VCID-3vmh-e7x6-3kf6
summary 
Incorrect Authorization in Apache Solr
When using ConfigurableInternodeAuthHadoopPlugin for authentication, Apache Solr versions prior to 8.8.2 would forward/proxy distributed requests using server credentials instead of original client credentials. This would result in incorrect authorization resolution on the receiving hosts.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29943.json
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29943.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-29943
reference_id
reference_type
scores
0
value 0.07673
scoring_system epss
scoring_elements 0.91915
published_at 2026-04-21T12:55:00Z
1
value 0.07673
scoring_system epss
scoring_elements 0.91918
published_at 2026-04-18T12:55:00Z
2
value 0.07673
scoring_system epss
scoring_elements 0.91922
published_at 2026-04-16T12:55:00Z
3
value 0.07673
scoring_system epss
scoring_elements 0.91907
published_at 2026-04-12T12:55:00Z
4
value 0.07673
scoring_system epss
scoring_elements 0.91903
published_at 2026-04-13T12:55:00Z
5
value 0.07673
scoring_system epss
scoring_elements 0.91863
published_at 2026-04-01T12:55:00Z
6
value 0.07673
scoring_system epss
scoring_elements 0.91898
published_at 2026-04-08T12:55:00Z
7
value 0.07673
scoring_system epss
scoring_elements 0.91885
published_at 2026-04-07T12:55:00Z
8
value 0.07673
scoring_system epss
scoring_elements 0.91878
published_at 2026-04-04T12:55:00Z
9
value 0.07673
scoring_system epss
scoring_elements 0.91871
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-29943
2
reference_url https://lists.apache.org/thread.html/r91dd0ff556e0c9aab4c92852e0e540c59d4633718ce12881558cf44d%40%3Cusers.solr.apache.org%3E
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r91dd0ff556e0c9aab4c92852e0e540c59d4633718ce12881558cf44d%40%3Cusers.solr.apache.org%3E
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-29943
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-29943
4
reference_url https://security.netapp.com/advisory/ntap-20210604-0009
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20210604-0009
5
reference_url https://security.netapp.com/advisory/ntap-20210604-0009/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20210604-0009/
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1949521
reference_id 1949521
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1949521
7
reference_url https://security.archlinux.org/AVG-1808
reference_id AVG-1808
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1808
8
reference_url https://github.com/advisories/GHSA-vf7p-j8x6-xvwp
reference_id GHSA-vf7p-j8x6-xvwp
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vf7p-j8x6-xvwp
fixed_packages
0
url pkg:maven/org.apache.solr/solr-parent@8.8.2
purl pkg:maven/org.apache.solr/solr-parent@8.8.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-a4yf-9j54-e3cp
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-parent@8.8.2
aliases CVE-2021-29943, GHSA-vf7p-j8x6-xvwp
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3vmh-e7x6-3kf6
1
url VCID-4dgs-1mk2-5ubr
vulnerability_id VCID-4dgs-1mk2-5ubr
summary 
Improper Input Validation
Reported in SOLR-14515 (private) and fixed in SOLR-14561 (public), released in Solr version 8.6.0. The Replication handler allows commands backup, restore and deleteBackup. Each of these take a location parameter, which was not validated, i.e you could read/write to any location the solr user can access.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13941.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13941.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-13941
reference_id
reference_type
scores
0
value 0.02798
scoring_system epss
scoring_elements 0.86123
published_at 2026-04-21T12:55:00Z
1
value 0.02798
scoring_system epss
scoring_elements 0.86129
published_at 2026-04-18T12:55:00Z
2
value 0.02798
scoring_system epss
scoring_elements 0.86124
published_at 2026-04-16T12:55:00Z
3
value 0.02798
scoring_system epss
scoring_elements 0.86107
published_at 2026-04-13T12:55:00Z
4
value 0.02798
scoring_system epss
scoring_elements 0.86112
published_at 2026-04-12T12:55:00Z
5
value 0.02798
scoring_system epss
scoring_elements 0.86114
published_at 2026-04-11T12:55:00Z
6
value 0.02798
scoring_system epss
scoring_elements 0.861
published_at 2026-04-09T12:55:00Z
7
value 0.02798
scoring_system epss
scoring_elements 0.86089
published_at 2026-04-08T12:55:00Z
8
value 0.02798
scoring_system epss
scoring_elements 0.8607
published_at 2026-04-07T12:55:00Z
9
value 0.02798
scoring_system epss
scoring_elements 0.86043
published_at 2026-04-01T12:55:00Z
10
value 0.02798
scoring_system epss
scoring_elements 0.86054
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-13941
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13941
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13941
3
reference_url https://lists.apache.org/thread.html/r1d4a247329a8478073163567bbc8c8cb6b49c6bfc2bf58153a857af1@%3Ccommits.druid.apache.org%3E
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r1d4a247329a8478073163567bbc8c8cb6b49c6bfc2bf58153a857af1@%3Ccommits.druid.apache.org%3E
4
reference_url https://lists.apache.org/thread.html/rbcd9dff009ed19ffcc2b09784595fc1098fc802a5472f81795f893be@%3Ccommits.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rbcd9dff009ed19ffcc2b09784595fc1098fc802a5472f81795f893be@%3Ccommits.lucene.apache.org%3E
5
reference_url https://lists.apache.org/thread.html/rc400db37710ee79378b6c52de3640493ff538c2beb41cefdbbdf2ab8@%3Ccommits.submarine.apache.org%3E
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rc400db37710ee79378b6c52de3640493ff538c2beb41cefdbbdf2ab8@%3Ccommits.submarine.apache.org%3E
6
reference_url https://lists.apache.org/thread.html/rf54e7912b7d2b72c63ec54a7afa4adcbf16268dcc63253767dd67d60%40%3Cgeneral.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rf54e7912b7d2b72c63ec54a7afa4adcbf16268dcc63253767dd67d60%40%3Cgeneral.lucene.apache.org%3E
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1869167
reference_id 1869167
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1869167
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-13941
reference_id CVE-2020-13941
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-13941
9
reference_url https://github.com/advisories/GHSA-2467-h365-j7hm
reference_id GHSA-2467-h365-j7hm
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-2467-h365-j7hm
fixed_packages
0
url pkg:maven/org.apache.solr/solr-parent@8.6.0
purl pkg:maven/org.apache.solr/solr-parent@8.6.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3vmh-e7x6-3kf6
1
vulnerability VCID-835p-mav1-1qem
2
vulnerability VCID-a4yf-9j54-e3cp
3
vulnerability VCID-ftx3-494m-hbee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-parent@8.6.0
aliases CVE-2020-13941, GHSA-2467-h365-j7hm
risk_score 4.0
exploitability 0.5
weighted_severity 7.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4dgs-1mk2-5ubr
2
url VCID-835p-mav1-1qem
vulnerability_id VCID-835p-mav1-1qem
summary 
Incorrect Authorization in Apache Solr
Apache Solr versions 6.6.0 to 6.6.6, 7.0.0 to 7.7.3 and 8.0.0 to 8.6.2 prevents some features considered dangerous (which could be used for remote code execution) to be configured in a ConfigSet that's uploaded via API without authentication/authorization. The checks in place to prevent such features can be circumvented by using a combination of UPLOAD/CREATE actions. This issue is patched in 8.6.3.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13957.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13957.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-13957
reference_id
reference_type
scores
0
value 0.84821
scoring_system epss
scoring_elements 0.99347
published_at 2026-04-18T12:55:00Z
1
value 0.84821
scoring_system epss
scoring_elements 0.99346
published_at 2026-04-21T12:55:00Z
2
value 0.84821
scoring_system epss
scoring_elements 0.99339
published_at 2026-04-07T12:55:00Z
3
value 0.84821
scoring_system epss
scoring_elements 0.99338
published_at 2026-04-04T12:55:00Z
4
value 0.84821
scoring_system epss
scoring_elements 0.99336
published_at 2026-04-02T12:55:00Z
5
value 0.84821
scoring_system epss
scoring_elements 0.99344
published_at 2026-04-13T12:55:00Z
6
value 0.84821
scoring_system epss
scoring_elements 0.99342
published_at 2026-04-11T12:55:00Z
7
value 0.84821
scoring_system epss
scoring_elements 0.99341
published_at 2026-04-09T12:55:00Z
8
value 0.84821
scoring_system epss
scoring_elements 0.9934
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-13957
2
reference_url https://github.com/apache/lucene-solr
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/lucene-solr
3
reference_url https://github.com/apache/solr/commit/e001c2221812a0ba9e9378855040ce72f93eced4
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/solr/commit/e001c2221812a0ba9e9378855040ce72f93eced4
4
reference_url https://lists.apache.org/thread.html/r13a728994c60be5b5a7049282b5c926dac1fc6a9a0b2362f6adfa573@%3Cissues.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r13a728994c60be5b5a7049282b5c926dac1fc6a9a0b2362f6adfa573@%3Cissues.lucene.apache.org%3E
5
reference_url https://lists.apache.org/thread.html/r1c783d3d81ba62f3381a17a4d6c826f7dead3a132ba42349c90df075@%3Ccommits.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r1c783d3d81ba62f3381a17a4d6c826f7dead3a132ba42349c90df075@%3Ccommits.lucene.apache.org%3E
6
reference_url https://lists.apache.org/thread.html/r1d4a247329a8478073163567bbc8c8cb6b49c6bfc2bf58153a857af1@%3Ccommits.druid.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r1d4a247329a8478073163567bbc8c8cb6b49c6bfc2bf58153a857af1@%3Ccommits.druid.apache.org%3E
7
reference_url https://lists.apache.org/thread.html/r2236fdf99ac3efbfc36c2df96d3a88f822baa6f45e13fec7ff558e34@%3Cdev.bigtop.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r2236fdf99ac3efbfc36c2df96d3a88f822baa6f45e13fec7ff558e34@%3Cdev.bigtop.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/r226c1112bb41e7cd427862d875eff9877a20a40242c2542f4dd39e4a@%3Cissues.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r226c1112bb41e7cd427862d875eff9877a20a40242c2542f4dd39e4a@%3Cissues.lucene.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/r2a6600fe9afd502c04d26fd112823ec3f3c3ad1b4a289d10567a78a0@%3Cdev.bigtop.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r2a6600fe9afd502c04d26fd112823ec3f3c3ad1b4a289d10567a78a0@%3Cdev.bigtop.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/r2f8d33a4de07db9459fb2a98a1cd39747066137636b53f84a13e5628@%3Cissues.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r2f8d33a4de07db9459fb2a98a1cd39747066137636b53f84a13e5628@%3Cissues.lucene.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/r3d1e24a73e6bffa1d6534e1f34c8f5cbd9999495e7d933640f4fa0ed@%3Cissues.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r3d1e24a73e6bffa1d6534e1f34c8f5cbd9999495e7d933640f4fa0ed@%3Cissues.lucene.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/r3da9895cea476bcee2557531bebd4e8f6f367dc3ea900a65e2f51cd8@%3Cissues.bigtop.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r3da9895cea476bcee2557531bebd4e8f6f367dc3ea900a65e2f51cd8@%3Cissues.bigtop.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/r4ca8ba5980d9049cf3707798aa3116ee76c1582f171ff452ad2ca75e@%3Cissues.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r4ca8ba5980d9049cf3707798aa3116ee76c1582f171ff452ad2ca75e@%3Cissues.lucene.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/r5557641fcf5cfd99260a7037cfbc8788fb546b72c98a900570edaa2e@%3Cissues.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r5557641fcf5cfd99260a7037cfbc8788fb546b72c98a900570edaa2e@%3Cissues.lucene.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/r622a043c2890327f8a4aea16b131e8a7137a282a004614369fceb224@%3Cdev.bigtop.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r622a043c2890327f8a4aea16b131e8a7137a282a004614369fceb224@%3Cdev.bigtop.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/r7512ae552cd9d14ab8b1bc0a7e95f2ec52ae85364f068d4034398ede@%3Cissues.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r7512ae552cd9d14ab8b1bc0a7e95f2ec52ae85364f068d4034398ede@%3Cissues.lucene.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/r853fdc6d0b91d5e01a26c7bd5becb044ad775a231703d634ca5d55c9@%3Cissues.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r853fdc6d0b91d5e01a26c7bd5becb044ad775a231703d634ca5d55c9@%3Cissues.lucene.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/r8b1782d42d0a4ce573495d5d9345ad328d652c68c411ccdb245c57e3@%3Cissues.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r8b1782d42d0a4ce573495d5d9345ad328d652c68c411ccdb245c57e3@%3Cissues.lucene.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/r999f828e6e37d9e825e207471cbfd2681c3befcd7f3abd59ed87c0d5@%3Cissues.bigtop.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r999f828e6e37d9e825e207471cbfd2681c3befcd7f3abd59ed87c0d5@%3Cissues.bigtop.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/r9d7356f209ee30d702b6a921c866564eb2e291b126640c7ab70feea7@%3Ccommits.lucene.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r9d7356f209ee30d702b6a921c866564eb2e291b126640c7ab70feea7@%3Ccommits.lucene.apache.org%3E
21
reference_url https://lists.apache.org/thread.html/rb1de6ba50a468e9baff32a249edaa08f6bcec7dd7cc208e25e6b48c8@%3Cissues.bigtop.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb1de6ba50a468e9baff32a249edaa08f6bcec7dd7cc208e25e6b48c8@%3Cissues.bigtop.apache.org%3E
22
reference_url https://lists.apache.org/thread.html/rb2f1c7fd3d3ea719dfac4706a80e6affddecae8663dda04e1335347f@%3Ccommits.bigtop.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb2f1c7fd3d3ea719dfac4706a80e6affddecae8663dda04e1335347f@%3Ccommits.bigtop.apache.org%3E
23
reference_url https://lists.apache.org/thread.html/rf1a32f00017e83ff29a74be2de02e28e4302dddb5f14c624e297a8c0@%3Cdev.bigtop.apache.org%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rf1a32f00017e83ff29a74be2de02e28e4302dddb5f14c624e297a8c0@%3Cdev.bigtop.apache.org%3E
24
reference_url https://mail-archives.us.apache.org/mod_mbox/www-announce/202010.mbox/%3CCAECwjAWCVLoVaZy%3DTNRQ6Wk9KWVxdPRiGS8NT%2BPHMJCxbbsEVg%40mail.gmail.com%3E
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://mail-archives.us.apache.org/mod_mbox/www-announce/202010.mbox/%3CCAECwjAWCVLoVaZy%3DTNRQ6Wk9KWVxdPRiGS8NT%2BPHMJCxbbsEVg%40mail.gmail.com%3E
25
reference_url https://security.netapp.com/advisory/ntap-20201023-0002
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20201023-0002
26
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1890514
reference_id 1890514
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1890514
27
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-13957
reference_id CVE-2020-13957
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-13957
28
reference_url https://github.com/advisories/GHSA-3c7p-vv5r-cmr5
reference_id GHSA-3c7p-vv5r-cmr5
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3c7p-vv5r-cmr5
fixed_packages
0
url pkg:maven/org.apache.solr/solr-parent@8.6.3
purl pkg:maven/org.apache.solr/solr-parent@8.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3vmh-e7x6-3kf6
1
vulnerability VCID-a4yf-9j54-e3cp
2
vulnerability VCID-ftx3-494m-hbee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-parent@8.6.3
aliases CVE-2020-13957, GHSA-3c7p-vv5r-cmr5
risk_score 10.0
exploitability 2.0
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-835p-mav1-1qem
3
url VCID-a4yf-9j54-e3cp
vulnerability_id VCID-a4yf-9j54-e3cp
summary 
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
An Improper Input Validation vulnerability in DataImportHandler of Apache Solr allows an attacker to provide a Windows UNC path resulting in an SMB network call being made from the Solr host to another host on the network. If the attacker has wider access to the network, this may lead to SMB attacks, which may result in: * The exfiltration of sensitive data such as OS user hashes (NTLM/LM hashes), * In case of misconfigured systems, SMB Relay Attacks which can lead to user impersonation on SMB Shares or, in a worse-case scenario, Remote Code Execution This issue affects all Apache Solr This issue only affects Windows.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-44548
reference_id
reference_type
scores
0
value 0.0666
scoring_system epss
scoring_elements 0.91242
published_at 2026-04-21T12:55:00Z
1
value 0.0666
scoring_system epss
scoring_elements 0.91172
published_at 2026-04-02T12:55:00Z
2
value 0.0666
scoring_system epss
scoring_elements 0.9118
published_at 2026-04-04T12:55:00Z
3
value 0.0666
scoring_system epss
scoring_elements 0.91187
published_at 2026-04-07T12:55:00Z
4
value 0.0666
scoring_system epss
scoring_elements 0.91201
published_at 2026-04-08T12:55:00Z
5
value 0.0666
scoring_system epss
scoring_elements 0.91207
published_at 2026-04-09T12:55:00Z
6
value 0.0666
scoring_system epss
scoring_elements 0.91214
published_at 2026-04-11T12:55:00Z
7
value 0.0666
scoring_system epss
scoring_elements 0.91217
published_at 2026-04-13T12:55:00Z
8
value 0.0666
scoring_system epss
scoring_elements 0.91241
published_at 2026-04-16T12:55:00Z
9
value 0.0666
scoring_system epss
scoring_elements 0.9124
published_at 2026-04-18T12:55:00Z
10
value 0.0666
scoring_system epss
scoring_elements 0.91166
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-44548
1
reference_url https://github.com/apache/solr
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/solr
2
reference_url https://security.netapp.com/advisory/ntap-20220114-0005
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20220114-0005
3
reference_url https://security.netapp.com/advisory/ntap-20220114-0005/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20220114-0005/
4
reference_url https://solr.apache.org/security.html#cve-2021-44548-apache-solr-information-disclosure-vulnerability-through-dataimporthandler
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://solr.apache.org/security.html#cve-2021-44548-apache-solr-information-disclosure-vulnerability-through-dataimporthandler
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-44548
reference_id CVE-2021-44548
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-44548
6
reference_url https://github.com/advisories/GHSA-pccr-q7v9-5f27
reference_id GHSA-pccr-q7v9-5f27
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-pccr-q7v9-5f27
fixed_packages
0
url pkg:maven/org.apache.solr/solr-parent@8.11.1
purl pkg:maven/org.apache.solr/solr-parent@8.11.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-parent@8.11.1
aliases CVE-2021-44548, GHSA-pccr-q7v9-5f27
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a4yf-9j54-e3cp
4
url VCID-ftx3-494m-hbee
vulnerability_id VCID-ftx3-494m-hbee
summary 
Server-Side Request Forgery in Apache Solr
The ReplicationHandler (normally registered at "/replication" under a Solr core) in Apache Solr has a "masterUrl" (also "leaderUrl" alias) parameter that is used to designate another ReplicationHandler on another Solr core to replicate index data into the local core. To prevent a SSRF vulnerability, Solr ought to check these parameters against a similar configuration it uses for the "shards" parameter. Prior to this bug getting fixed, it did not. This problem affects essentially all Solr versions prior to it getting fixed in 8.8.2.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-27905.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-27905.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-27905
reference_id
reference_type
scores
0
value 0.93901
scoring_system epss
scoring_elements 0.99877
published_at 2026-04-18T12:55:00Z
1
value 0.93901
scoring_system epss
scoring_elements 0.99873
published_at 2026-04-01T12:55:00Z
2
value 0.93901
scoring_system epss
scoring_elements 0.99876
published_at 2026-04-21T12:55:00Z
3
value 0.93901
scoring_system epss
scoring_elements 0.99875
published_at 2026-04-07T12:55:00Z
4
value 0.93901
scoring_system epss
scoring_elements 0.99874
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-27905
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27905
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27905
3
reference_url https://lists.apache.org/thread.html/r0ddc3a82bd7523b1453cb7a5e09eb5559517145425074a42eb326b10%40%3Cannounce.apache.org%3E
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r0ddc3a82bd7523b1453cb7a5e09eb5559517145425074a42eb326b10%40%3Cannounce.apache.org%3E
4
reference_url https://lists.apache.org/thread.html/r140128dc6bb4f4e0b6a39e962c7ca25a8cbc8e48ed766176c931fccc@%3Cusers.solr.apache.org%3E
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r140128dc6bb4f4e0b6a39e962c7ca25a8cbc8e48ed766176c931fccc@%3Cusers.solr.apache.org%3E
5
reference_url https://lists.apache.org/thread.html/r3da74965aba2b5f5744b7289ad447306eeb2940c872801819faa9314@%3Cusers.solr.apache.org%3E
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r3da74965aba2b5f5744b7289ad447306eeb2940c872801819faa9314@%3Cusers.solr.apache.org%3E
6
reference_url https://lists.apache.org/thread.html/r6ccec7fc54d82591b23c143f1f6a6e38f6e03e75db70870e4cb14a1a@%3Ccommits.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r6ccec7fc54d82591b23c143f1f6a6e38f6e03e75db70870e4cb14a1a@%3Ccommits.ofbiz.apache.org%3E
7
reference_url https://lists.apache.org/thread.html/r720a4a0497fc90bad5feec8aa18b777912ee15c7eeb5f882adbf523e@%3Ccommits.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r720a4a0497fc90bad5feec8aa18b777912ee15c7eeb5f882adbf523e@%3Ccommits.ofbiz.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/r78a3a4f1138a1608b0c6d4a2ee7647848c1a20b0d5c652cd9b02c25a@%3Ccommits.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r78a3a4f1138a1608b0c6d4a2ee7647848c1a20b0d5c652cd9b02c25a@%3Ccommits.ofbiz.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/r8f1152a43c36d878bbeb5a92f261e9efaf3af313b033d7acfccea59d@%3Cnotifications.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r8f1152a43c36d878bbeb5a92f261e9efaf3af313b033d7acfccea59d@%3Cnotifications.ofbiz.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/r95df34bb158375948da82b4dfe9a1b5d528572d586584162f8f5aeef@%3Cusers.solr.apache.org%3E
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r95df34bb158375948da82b4dfe9a1b5d528572d586584162f8f5aeef@%3Cusers.solr.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/rae9ccaecce9859f709ed1458545d90a4c07163070dc98b5e9e59057f@%3Cnotifications.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rae9ccaecce9859f709ed1458545d90a4c07163070dc98b5e9e59057f@%3Cnotifications.ofbiz.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/rd232d77c57a8ce172359ab098df9512d8b37373ab87c444be911b430@%3Cnotifications.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rd232d77c57a8ce172359ab098df9512d8b37373ab87c444be911b430@%3Cnotifications.ofbiz.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/re9d64bb8e5dfefddcbf255adb4559e13a0df5b818da1b9b51329723f@%3Cnotifications.ofbiz.apache.org%3E
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/re9d64bb8e5dfefddcbf255adb4559e13a0df5b818da1b9b51329723f@%3Cnotifications.ofbiz.apache.org%3E
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-27905
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-27905
15
reference_url https://security.netapp.com/advisory/ntap-20210611-0009
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20210611-0009
16
reference_url https://security.netapp.com/advisory/ntap-20210611-0009/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20210611-0009/
17
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1949516
reference_id 1949516
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1949516
18
reference_url https://security.archlinux.org/AVG-1808
reference_id AVG-1808
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1808
19
reference_url https://github.com/advisories/GHSA-5phw-3jrp-3vj8
reference_id GHSA-5phw-3jrp-3vj8
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5phw-3jrp-3vj8
fixed_packages
0
url pkg:maven/org.apache.solr/solr-parent@8.8.2
purl pkg:maven/org.apache.solr/solr-parent@8.8.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-a4yf-9j54-e3cp
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-parent@8.8.2
aliases CVE-2021-27905, GHSA-5phw-3jrp-3vj8
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ftx3-494m-hbee
Fixing_vulnerabilities
0
url VCID-vsgv-kss4-nqcb
vulnerability_id VCID-vsgv-kss4-nqcb
summary 
Incorrect Authorization in Apache Solr
In Apache Solr, the cluster can be partitioned into multiple collections and only a subset of nodes actually host any given collection. However, if a node receives a request for a collection it does not host, it proxies the request to a relevant node and serves the request. Solr bypasses all authorization settings for such requests. This affects all Solr versions prior to 6.6.6 and 7.7 that use the default authorization mechanism of Solr (RuleBasedAuthorizationPlugin).
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11802.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11802.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-11802
reference_id
reference_type
scores
0
value 0.00151
scoring_system epss
scoring_elements 0.3561
published_at 2026-04-21T12:55:00Z
1
value 0.00151
scoring_system epss
scoring_elements 0.35512
published_at 2026-04-01T12:55:00Z
2
value 0.00151
scoring_system epss
scoring_elements 0.35714
published_at 2026-04-02T12:55:00Z
3
value 0.00151
scoring_system epss
scoring_elements 0.35739
published_at 2026-04-04T12:55:00Z
4
value 0.00151
scoring_system epss
scoring_elements 0.3562
published_at 2026-04-07T12:55:00Z
5
value 0.00151
scoring_system epss
scoring_elements 0.35666
published_at 2026-04-08T12:55:00Z
6
value 0.00151
scoring_system epss
scoring_elements 0.35689
published_at 2026-04-09T12:55:00Z
7
value 0.00151
scoring_system epss
scoring_elements 0.35699
published_at 2026-04-11T12:55:00Z
8
value 0.00151
scoring_system epss
scoring_elements 0.35654
published_at 2026-04-12T12:55:00Z
9
value 0.00151
scoring_system epss
scoring_elements 0.35632
published_at 2026-04-13T12:55:00Z
10
value 0.00151
scoring_system epss
scoring_elements 0.35671
published_at 2026-04-16T12:55:00Z
11
value 0.00151
scoring_system epss
scoring_elements 0.35661
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-11802
2
reference_url https://github.com/apache/lucene-solr
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/lucene-solr
3
reference_url https://github.com/apache/lucene-solr/commit/add003f217806afb4e1604f697cdb0a5a7115895
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/lucene-solr/commit/add003f217806afb4e1604f697cdb0a5a7115895
4
reference_url https://issues.apache.org/jira/browse/SOLR-12514
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/jira/browse/SOLR-12514
5
reference_url https://www.openwall.com/lists/oss-security/2019/04/24/1
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.openwall.com/lists/oss-security/2019/04/24/1
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1707547
reference_id 1707547
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1707547
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-11802
reference_id CVE-2018-11802
reference_type
scores
0
value 4.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:P/I:N/A:N
1
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-11802
9
reference_url https://github.com/advisories/GHSA-j346-h5wc-rw2m
reference_id GHSA-j346-h5wc-rw2m
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-j346-h5wc-rw2m
fixed_packages
0
url pkg:maven/org.apache.solr/solr-parent@6.6.6
purl pkg:maven/org.apache.solr/solr-parent@6.6.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3vmh-e7x6-3kf6
1
vulnerability VCID-4dgs-1mk2-5ubr
2
vulnerability VCID-835p-mav1-1qem
3
vulnerability VCID-a4yf-9j54-e3cp
4
vulnerability VCID-ftx3-494m-hbee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-parent@6.6.6
1
url pkg:maven/org.apache.solr/solr-parent@7.7.0
purl pkg:maven/org.apache.solr/solr-parent@7.7.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3vmh-e7x6-3kf6
1
vulnerability VCID-4dgs-1mk2-5ubr
2
vulnerability VCID-835p-mav1-1qem
3
vulnerability VCID-a4yf-9j54-e3cp
4
vulnerability VCID-ftx3-494m-hbee
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-parent@7.7.0
aliases CVE-2018-11802, GHSA-j346-h5wc-rw2m
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vsgv-kss4-nqcb
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.apache.solr/solr-parent@7.7.0