Search for packages
| purl | pkg:deb/debian/lucene-solr@3.6.2%2Bdfsg-10%2Bdeb9u2 |
| Next non-vulnerable version | 3.6.2+dfsg-24 |
| Latest non-vulnerable version | 3.6.2+dfsg-24 |
| Risk | 10.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-83s4-swg3-aaar
Aliases: CVE-2023-50386 GHSA-37vr-vmg4-jwpw |
Apache Solr: Backup/Restore APIs allow for deployment of executables in malicious ConfigSets |
Affected by 0 other vulnerabilities. |
|
VCID-cwan-4pbv-aaab
Aliases: CVE-2020-13941 GHSA-2467-h365-j7hm |
Improper Input Validation in Apache Solr |
Affected by 0 other vulnerabilities. |
|
VCID-ewma-bdd5-aaaa
Aliases: CVE-2018-1308 GHSA-3pph-2595-cgfh |
There is a XML external entity expansion (XXE) vulnerability in Apache Solr |
Affected by 8 other vulnerabilities. |
|
VCID-fkew-f1ez-aaaq
Aliases: CVE-2023-50291 GHSA-3hwc-rqwp-v36q |
Apache Solr can leak certain passwords due to System Property redaction logic inconsistencies |
Affected by 0 other vulnerabilities. |
|
VCID-k73v-pu17-aaaj
Aliases: CVE-2017-3163 GHSA-387v-84cv-9qmc |
Moderate severity vulnerability that affects org.apache.solr:solr-core |
Affected by 8 other vulnerabilities. |
|
VCID-pk1z-x6n7-aaaa
Aliases: CVE-2023-50292 GHSA-4wxw-42wx-2wfx |
Apache Solr Schema Designer blindly "trusts" all configsets |
Affected by 0 other vulnerabilities. |
|
VCID-serq-s7kt-aaac
Aliases: CVE-2019-0193 GHSA-3gm7-v7vw-866c |
XML External Entity (XXE) Injection in Apache Solr |
Affected by 8 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-vj8s-sv5u-aaaf
Aliases: CVE-2023-50298 GHSA-xrj7-x7gp-wwqr |
Apache Solr's Streaming Expressions allow users to extract data from other Solr Clouds |
Affected by 0 other vulnerabilities. |
|
VCID-vjex-gw45-aaae
Aliases: CVE-2021-27905 GHSA-5phw-3jrp-3vj8 |
Server-Side Request Forgery in Apache Solr |
Affected by 0 other vulnerabilities. |
|
VCID-x6bt-nsqt-gfg2
Aliases: CVE-2025-24814 GHSA-68r2-fwcg-qpm8 |
solr: org.apache.solr: Apache Solr: Core-creation with "trusted" configset can use arbitrary untrusted files |
Affected by 0 other vulnerabilities. |
|
VCID-y2ff-qfxj-aaar
Aliases: CVE-2017-12629 GHSA-mh7g-99w9-xpjm |
Remote code execution occurs in Apache Solr |
Affected by 8 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-ewma-bdd5-aaaa | There is a XML external entity expansion (XXE) vulnerability in Apache Solr |
CVE-2018-1308
GHSA-3pph-2595-cgfh |
| VCID-k73v-pu17-aaaj | Moderate severity vulnerability that affects org.apache.solr:solr-core |
CVE-2017-3163
GHSA-387v-84cv-9qmc |
| VCID-y2ff-qfxj-aaar | Remote code execution occurs in Apache Solr |
CVE-2017-12629
GHSA-mh7g-99w9-xpjm |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-06-22T01:00:13.024123+00:00 | Debian Importer | Affected by | VCID-vjex-gw45-aaae | None | 36.1.3 |
| 2025-06-21T19:14:03.594158+00:00 | Debian Oval Importer | Affected by | VCID-vjex-gw45-aaae | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.3 |
| 2025-06-21T19:04:47.185417+00:00 | Debian Oval Importer | Affected by | VCID-k73v-pu17-aaaj | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.3 |
| 2025-06-21T18:58:25.432613+00:00 | Debian Oval Importer | Affected by | VCID-serq-s7kt-aaac | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.3 |
| 2025-06-21T16:45:49.612581+00:00 | Debian Oval Importer | Affected by | VCID-y2ff-qfxj-aaar | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T15:30:21.036678+00:00 | Debian Oval Importer | Affected by | VCID-serq-s7kt-aaac | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T14:30:18.085378+00:00 | Debian Oval Importer | Affected by | VCID-k73v-pu17-aaaj | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T13:44:03.518428+00:00 | Debian Oval Importer | Affected by | VCID-ewma-bdd5-aaaa | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T10:34:14.864641+00:00 | Debian Oval Importer | Fixing | VCID-ewma-bdd5-aaaa | https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 | 36.1.3 |
| 2025-06-21T10:18:58.166979+00:00 | Debian Oval Importer | Fixing | VCID-y2ff-qfxj-aaar | https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 | 36.1.3 |
| 2025-06-21T10:18:53.291128+00:00 | Debian Oval Importer | Fixing | VCID-k73v-pu17-aaaj | https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 | 36.1.3 |
| 2025-06-21T06:02:59.227617+00:00 | Debian Oval Importer | Affected by | VCID-cwan-4pbv-aaab | None | 36.1.3 |
| 2025-06-21T02:56:28.107993+00:00 | Debian Oval Importer | Affected by | VCID-vjex-gw45-aaae | None | 36.1.3 |
| 2025-06-21T01:24:41.203396+00:00 | Debian Oval Importer | Affected by | VCID-ewma-bdd5-aaaa | None | 36.1.3 |
| 2025-06-21T01:09:44.667083+00:00 | Debian Oval Importer | Affected by | VCID-y2ff-qfxj-aaar | None | 36.1.3 |
| 2025-06-20T23:26:35.180018+00:00 | Debian Oval Importer | Affected by | VCID-serq-s7kt-aaac | None | 36.1.3 |
| 2025-06-20T20:30:30.806499+00:00 | Debian Oval Importer | Affected by | VCID-k73v-pu17-aaaj | None | 36.1.3 |
| 2025-06-20T20:13:03.095349+00:00 | Debian Oval Importer | Fixing | VCID-k73v-pu17-aaaj | None | 36.1.3 |
| 2025-06-20T20:10:13.389348+00:00 | Debian Oval Importer | Fixing | VCID-ewma-bdd5-aaaa | None | 36.1.3 |
| 2025-06-08T12:44:31.607578+00:00 | Debian Oval Importer | Affected by | VCID-y2ff-qfxj-aaar | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.0 |
| 2025-06-08T11:42:51.904178+00:00 | Debian Oval Importer | Affected by | VCID-vjex-gw45-aaae | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.0 |
| 2025-06-08T11:33:57.620435+00:00 | Debian Oval Importer | Affected by | VCID-k73v-pu17-aaaj | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.0 |
| 2025-06-08T11:27:48.383473+00:00 | Debian Oval Importer | Affected by | VCID-serq-s7kt-aaac | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.0 |
| 2025-06-08T09:31:04.140149+00:00 | Debian Oval Importer | Affected by | VCID-y2ff-qfxj-aaar | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T08:24:53.685230+00:00 | Debian Oval Importer | Affected by | VCID-serq-s7kt-aaac | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T07:23:18.679471+00:00 | Debian Oval Importer | Affected by | VCID-k73v-pu17-aaaj | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T06:38:13.299935+00:00 | Debian Oval Importer | Affected by | VCID-ewma-bdd5-aaaa | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T04:16:29.104438+00:00 | Debian Oval Importer | Fixing | VCID-ewma-bdd5-aaaa | https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 | 36.1.0 |
| 2025-06-08T04:06:32.061936+00:00 | Debian Oval Importer | Fixing | VCID-y2ff-qfxj-aaar | https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 | 36.1.0 |
| 2025-06-08T04:06:27.251807+00:00 | Debian Oval Importer | Fixing | VCID-k73v-pu17-aaaj | https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 | 36.1.0 |
| 2025-06-07T23:41:43.992883+00:00 | Debian Oval Importer | Affected by | VCID-cwan-4pbv-aaab | None | 36.1.0 |
| 2025-06-07T20:24:12.084473+00:00 | Debian Oval Importer | Affected by | VCID-vjex-gw45-aaae | None | 36.1.0 |
| 2025-06-07T18:47:29.486840+00:00 | Debian Oval Importer | Affected by | VCID-ewma-bdd5-aaaa | None | 36.1.0 |
| 2025-06-07T18:32:23.814007+00:00 | Debian Oval Importer | Affected by | VCID-y2ff-qfxj-aaar | None | 36.1.0 |
| 2025-06-07T16:49:30.192181+00:00 | Debian Oval Importer | Affected by | VCID-serq-s7kt-aaac | None | 36.1.0 |
| 2025-06-07T14:04:16.248213+00:00 | Debian Oval Importer | Affected by | VCID-k73v-pu17-aaaj | None | 36.1.0 |
| 2025-06-07T13:54:29.900596+00:00 | Debian Oval Importer | Fixing | VCID-k73v-pu17-aaaj | None | 36.1.0 |
| 2025-06-07T13:53:41.505948+00:00 | Debian Oval Importer | Fixing | VCID-ewma-bdd5-aaaa | None | 36.1.0 |
| 2025-04-13T02:51:17.161235+00:00 | Debian Oval Importer | Affected by | VCID-x6bt-nsqt-gfg2 | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T22:59:20.738617+00:00 | Debian Oval Importer | Affected by | VCID-83s4-swg3-aaar | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T22:59:17.349404+00:00 | Debian Oval Importer | Affected by | VCID-vj8s-sv5u-aaaf | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T22:59:16.650973+00:00 | Debian Oval Importer | Affected by | VCID-fkew-f1ez-aaaq | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T22:59:15.926284+00:00 | Debian Oval Importer | Affected by | VCID-pk1z-x6n7-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T22:06:37.155514+00:00 | Debian Oval Importer | Affected by | VCID-ewma-bdd5-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T19:45:10.186837+00:00 | Debian Oval Importer | Affected by | VCID-cwan-4pbv-aaab | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T18:31:24.010557+00:00 | Debian Oval Importer | Affected by | VCID-y2ff-qfxj-aaar | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T17:27:40.232712+00:00 | Debian Oval Importer | Affected by | VCID-vjex-gw45-aaae | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T17:18:23.756118+00:00 | Debian Oval Importer | Affected by | VCID-k73v-pu17-aaaj | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T17:11:59.922612+00:00 | Debian Oval Importer | Affected by | VCID-serq-s7kt-aaac | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-08T08:03:29.221798+00:00 | Debian Oval Importer | Affected by | VCID-y2ff-qfxj-aaar | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T06:56:15.808092+00:00 | Debian Oval Importer | Affected by | VCID-serq-s7kt-aaac | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T05:55:57.000430+00:00 | Debian Oval Importer | Affected by | VCID-k73v-pu17-aaaj | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T05:10:40.155189+00:00 | Debian Oval Importer | Affected by | VCID-ewma-bdd5-aaaa | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T02:45:48.651389+00:00 | Debian Oval Importer | Fixing | VCID-ewma-bdd5-aaaa | https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 | 36.0.0 |
| 2025-04-08T02:35:04.870265+00:00 | Debian Oval Importer | Fixing | VCID-y2ff-qfxj-aaar | https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 | 36.0.0 |
| 2025-04-08T02:34:59.783697+00:00 | Debian Oval Importer | Fixing | VCID-k73v-pu17-aaaj | https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 | 36.0.0 |
| 2025-04-07T22:13:47.344266+00:00 | Debian Oval Importer | Affected by | VCID-cwan-4pbv-aaab | None | 36.0.0 |
| 2025-04-07T18:59:17.083080+00:00 | Debian Oval Importer | Affected by | VCID-vjex-gw45-aaae | None | 36.0.0 |
| 2025-04-07T17:25:19.161253+00:00 | Debian Oval Importer | Affected by | VCID-ewma-bdd5-aaaa | None | 36.0.0 |
| 2025-04-07T17:10:04.232781+00:00 | Debian Oval Importer | Affected by | VCID-y2ff-qfxj-aaar | None | 36.0.0 |
| 2025-04-07T15:22:13.593433+00:00 | Debian Oval Importer | Affected by | VCID-serq-s7kt-aaac | None | 36.0.0 |
| 2025-04-07T12:38:11.465166+00:00 | Debian Oval Importer | Affected by | VCID-k73v-pu17-aaaj | None | 36.0.0 |
| 2025-04-07T12:29:17.227449+00:00 | Debian Oval Importer | Fixing | VCID-k73v-pu17-aaaj | None | 36.0.0 |
| 2025-04-07T12:28:30.861694+00:00 | Debian Oval Importer | Fixing | VCID-ewma-bdd5-aaaa | None | 36.0.0 |
| 2025-04-07T02:25:45.410733+00:00 | Debian Importer | Affected by | VCID-cwan-4pbv-aaab | None | 36.0.0 |
| 2025-04-05T19:53:14.382290+00:00 | Debian Importer | Affected by | VCID-vjex-gw45-aaae | None | 36.0.0 |
| 2025-02-19T21:27:20.620440+00:00 | Debian Importer | Affected by | VCID-vjex-gw45-aaae | None | 35.1.0 |
| 2025-02-19T12:50:06.235146+00:00 | Debian Importer | Affected by | VCID-cwan-4pbv-aaab | None | 35.1.0 |
| 2024-11-22T17:33:13.523828+00:00 | Debian Importer | Affected by | VCID-vjex-gw45-aaae | None | 35.0.0 |
| 2024-11-22T10:07:42.757267+00:00 | Debian Importer | Affected by | VCID-cwan-4pbv-aaab | None | 35.0.0 |
| 2024-11-20T08:37:57.906586+00:00 | Debian Importer | Affected by | VCID-cwan-4pbv-aaab | None | 34.3.2 |
| 2024-10-09T16:35:49.262622+00:00 | Debian Importer | Affected by | VCID-vjex-gw45-aaae | None | 34.0.2 |
| 2024-10-09T09:04:43.914522+00:00 | Debian Importer | Affected by | VCID-cwan-4pbv-aaab | None | 34.0.2 |
| 2024-09-19T01:08:47.268007+00:00 | Debian Importer | Affected by | VCID-vjex-gw45-aaae | None | 34.0.1 |
| 2024-09-18T19:36:43.517381+00:00 | Debian Importer | Affected by | VCID-cwan-4pbv-aaab | None | 34.0.1 |
| 2024-04-24T22:03:52.016290+00:00 | Debian Importer | Affected by | VCID-vjex-gw45-aaae | None | 34.0.0rc4 |
| 2024-04-24T17:52:20.844762+00:00 | Debian Importer | Affected by | VCID-cwan-4pbv-aaab | None | 34.0.0rc4 |
| 2024-01-10T22:52:47.229738+00:00 | Debian Importer | Affected by | VCID-vjex-gw45-aaae | None | 34.0.0rc2 |
| 2024-01-10T19:26:33.347177+00:00 | Debian Importer | Affected by | VCID-cwan-4pbv-aaab | None | 34.0.0rc2 |
| 2024-01-04T12:02:41.829285+00:00 | Debian Importer | Affected by | VCID-vjex-gw45-aaae | None | 34.0.0rc1 |
| 2024-01-04T08:53:08.541687+00:00 | Debian Importer | Affected by | VCID-cwan-4pbv-aaab | None | 34.0.0rc1 |