Search for packages
Package details: pkg:maven/org.apache.solr/solr-core@8.11.3
purl pkg:maven/org.apache.solr/solr-core@8.11.3
Next non-vulnerable version 9.8.0
Latest non-vulnerable version 9.8.0
Risk 4.0
Vulnerabilities affecting this package (2)
Vulnerability Summary Fixed by
VCID-mgtc-1e6f-3bhg
Aliases:
CVE-2024-52012
GHSA-4p5m-gvpf-f3x5
Relative Path Traversal vulnerability in Apache Solr. Solr instances running on Windows are vulnerable to arbitrary filepath write-access, due to a lack of input-sanitation in the "configset upload" API.  Commonly known as a "zipslip", maliciously constructed ZIP files can use relative filepaths to write data to unanticipated parts of the filesystem.   This issue affects Apache Solr: from 6.6 through 9.7.0. Users are recommended to upgrade to version 9.8.0, which fixes the issue.  Users unable to upgrade may also safely prevent the issue by using Solr's "Rule-Based Authentication Plugin" to restrict access to the configset upload API, so that it can only be accessed by a trusted set of administrators/users.
9.8.0
Affected by 0 other vulnerabilities.
VCID-x6bt-nsqt-gfg2
Aliases:
CVE-2025-24814
GHSA-68r2-fwcg-qpm8
solr: org.apache.solr: Apache Solr: Core-creation with "trusted" configset can use arbitrary untrusted files
9.8.0
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (4)
Vulnerability Summary Aliases
VCID-83s4-swg3-aaar Apache Solr: Backup/Restore APIs allow for deployment of executables in malicious ConfigSets CVE-2023-50386
GHSA-37vr-vmg4-jwpw
VCID-fkew-f1ez-aaaq Apache Solr can leak certain passwords due to System Property redaction logic inconsistencies CVE-2023-50291
GHSA-3hwc-rqwp-v36q
VCID-pk1z-x6n7-aaaa Apache Solr Schema Designer blindly "trusts" all configsets CVE-2023-50292
GHSA-4wxw-42wx-2wfx
VCID-vj8s-sv5u-aaaf Apache Solr's Streaming Expressions allow users to extract data from other Solr Clouds CVE-2023-50298
GHSA-xrj7-x7gp-wwqr

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-20T17:15:28.742297+00:00 GitLab Importer Affected by VCID-x6bt-nsqt-gfg2 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2025-24814.yml 36.1.3
2025-06-20T17:15:28.319641+00:00 GitLab Importer Affected by VCID-mgtc-1e6f-3bhg https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2024-52012.yml 36.1.3
2025-06-20T16:52:46.839616+00:00 GitLab Importer Fixing VCID-pk1z-x6n7-aaaa https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2023-50292.yml 36.1.3
2025-06-20T16:52:46.546166+00:00 GitLab Importer Fixing VCID-fkew-f1ez-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2023-50291.yml 36.1.3
2025-06-20T16:52:43.065737+00:00 GitLab Importer Fixing VCID-vj8s-sv5u-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2023-50298.yml 36.1.3
2025-06-20T16:52:42.658503+00:00 GitLab Importer Fixing VCID-83s4-swg3-aaar https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2023-50386.yml 36.1.3
2025-06-03T23:50:50.463600+00:00 GitLab Importer Affected by VCID-x6bt-nsqt-gfg2 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2025-24814.yml 36.1.0
2025-06-03T23:50:50.101603+00:00 GitLab Importer Affected by VCID-mgtc-1e6f-3bhg https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2024-52012.yml 36.1.0
2025-06-03T23:30:01.593787+00:00 GitLab Importer Fixing VCID-pk1z-x6n7-aaaa https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2023-50292.yml 36.1.0
2025-06-03T23:30:01.414821+00:00 GitLab Importer Fixing VCID-fkew-f1ez-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2023-50291.yml 36.1.0
2025-06-03T23:29:58.807818+00:00 GitLab Importer Fixing VCID-vj8s-sv5u-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2023-50298.yml 36.1.0
2025-06-03T23:29:58.547450+00:00 GitLab Importer Fixing VCID-83s4-swg3-aaar https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2023-50386.yml 36.1.0
2025-06-02T23:49:37.966187+00:00 GitLab Importer Affected by VCID-x6bt-nsqt-gfg2 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2025-24814.yml 36.1.2
2025-06-02T23:49:37.544607+00:00 GitLab Importer Affected by VCID-mgtc-1e6f-3bhg https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2024-52012.yml 36.1.2
2025-06-02T23:27:46.168854+00:00 GitLab Importer Fixing VCID-pk1z-x6n7-aaaa https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2023-50292.yml 36.1.2
2025-06-02T23:27:45.979034+00:00 GitLab Importer Fixing VCID-fkew-f1ez-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2023-50291.yml 36.1.2
2025-06-02T23:27:43.076757+00:00 GitLab Importer Fixing VCID-vj8s-sv5u-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2023-50298.yml 36.1.2
2025-06-02T23:27:42.810608+00:00 GitLab Importer Fixing VCID-83s4-swg3-aaar https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2023-50386.yml 36.1.2
2025-04-04T11:32:40.496998+00:00 GithubOSV Importer Fixing VCID-83s4-swg3-aaar https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/02/GHSA-37vr-vmg4-jwpw/GHSA-37vr-vmg4-jwpw.json 36.0.0
2025-04-04T11:32:36.992131+00:00 GithubOSV Importer Fixing VCID-fkew-f1ez-aaaq https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/02/GHSA-3hwc-rqwp-v36q/GHSA-3hwc-rqwp-v36q.json 36.0.0
2025-04-03T22:39:51.399714+00:00 GitLab Importer Affected by VCID-x6bt-nsqt-gfg2 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2025-24814.yml 36.0.0
2025-04-03T22:39:50.016774+00:00 GitLab Importer Affected by VCID-mgtc-1e6f-3bhg https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2024-52012.yml 36.0.0
2025-04-03T21:55:04.880974+00:00 GitLab Importer Fixing VCID-pk1z-x6n7-aaaa https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2023-50292.yml 36.0.0
2025-04-03T21:54:56.700919+00:00 GitLab Importer Fixing VCID-vj8s-sv5u-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2023-50298.yml 36.0.0
2025-03-29T10:49:47.810882+00:00 GHSA Importer Fixing VCID-83s4-swg3-aaar https://github.com/advisories/GHSA-37vr-vmg4-jwpw 36.0.0
2025-03-29T10:49:47.724822+00:00 GHSA Importer Fixing VCID-fkew-f1ez-aaaq https://github.com/advisories/GHSA-3hwc-rqwp-v36q 36.0.0
2025-03-28T16:49:12.250953+00:00 GitLab Importer Fixing VCID-83s4-swg3-aaar https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2023-50386.yml 36.0.0
2025-03-28T16:49:12.184920+00:00 GitLab Importer Fixing VCID-fkew-f1ez-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2023-50291.yml 36.0.0
2025-02-18T03:42:00.739780+00:00 GitLab Importer Fixing VCID-83s4-swg3-aaar https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2023-50386.yml 35.1.0
2025-02-18T03:41:59.518606+00:00 GitLab Importer Fixing VCID-pk1z-x6n7-aaaa https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2023-50292.yml 35.1.0
2025-02-18T03:41:58.990969+00:00 GitLab Importer Fixing VCID-fkew-f1ez-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2023-50291.yml 35.1.0
2025-02-18T01:06:03.874799+00:00 GitLab Importer Fixing VCID-vj8s-sv5u-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2023-50298.yml 35.1.0
2024-11-21T00:59:53.553943+00:00 GitLab Importer Fixing VCID-83s4-swg3-aaar https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2023-50386.yml 35.0.0
2024-11-21T00:59:52.624857+00:00 GitLab Importer Fixing VCID-pk1z-x6n7-aaaa https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2023-50292.yml 35.0.0
2024-11-21T00:59:52.466244+00:00 GitLab Importer Fixing VCID-fkew-f1ez-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2023-50291.yml 35.0.0
2024-11-20T23:31:00.965037+00:00 GitLab Importer Fixing VCID-vj8s-sv5u-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2023-50298.yml 35.0.0
2024-11-19T00:48:31.455245+00:00 GitLab Importer Fixing VCID-83s4-swg3-aaar https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2023-50386.yml 34.3.2
2024-11-19T00:48:30.534379+00:00 GitLab Importer Fixing VCID-pk1z-x6n7-aaaa https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2023-50292.yml 34.3.2
2024-11-19T00:48:30.382258+00:00 GitLab Importer Fixing VCID-fkew-f1ez-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2023-50291.yml 34.3.2
2024-11-18T23:19:53.286720+00:00 GitLab Importer Fixing VCID-vj8s-sv5u-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2023-50298.yml 34.3.2
2024-10-15T19:18:02.492831+00:00 GithubOSV Importer Fixing VCID-83s4-swg3-aaar https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/02/GHSA-37vr-vmg4-jwpw/GHSA-37vr-vmg4-jwpw.json 34.0.2
2024-10-15T19:18:02.006059+00:00 GithubOSV Importer Fixing VCID-pk1z-x6n7-aaaa https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/02/GHSA-4wxw-42wx-2wfx/GHSA-4wxw-42wx-2wfx.json 34.0.2
2024-10-15T19:18:01.938735+00:00 GithubOSV Importer Fixing VCID-fkew-f1ez-aaaq https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/02/GHSA-3hwc-rqwp-v36q/GHSA-3hwc-rqwp-v36q.json 34.0.2
2024-10-08T01:20:26.141081+00:00 GitLab Importer Fixing VCID-83s4-swg3-aaar https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2023-50386.yml 34.0.2
2024-10-08T01:20:25.297389+00:00 GitLab Importer Fixing VCID-pk1z-x6n7-aaaa https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2023-50292.yml 34.0.2
2024-10-08T01:20:25.138972+00:00 GitLab Importer Fixing VCID-fkew-f1ez-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2023-50291.yml 34.0.2
2024-10-08T00:17:17.429790+00:00 GitLab Importer Fixing VCID-vj8s-sv5u-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2023-50298.yml 34.0.2
2024-10-07T21:49:09.313879+00:00 GHSA Importer Fixing VCID-83s4-swg3-aaar https://github.com/advisories/GHSA-37vr-vmg4-jwpw 34.0.2
2024-10-07T21:49:07.968901+00:00 GHSA Importer Fixing VCID-pk1z-x6n7-aaaa https://github.com/advisories/GHSA-4wxw-42wx-2wfx 34.0.2
2024-10-07T21:49:07.654897+00:00 GHSA Importer Fixing VCID-fkew-f1ez-aaaq https://github.com/advisories/GHSA-3hwc-rqwp-v36q 34.0.2
2024-09-18T09:18:58.288458+00:00 GithubOSV Importer Fixing VCID-83s4-swg3-aaar https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/02/GHSA-37vr-vmg4-jwpw/GHSA-37vr-vmg4-jwpw.json 34.0.1
2024-09-18T09:18:50.432774+00:00 GithubOSV Importer Fixing VCID-pk1z-x6n7-aaaa https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/02/GHSA-4wxw-42wx-2wfx/GHSA-4wxw-42wx-2wfx.json 34.0.1
2024-09-18T09:18:42.776202+00:00 GithubOSV Importer Fixing VCID-fkew-f1ez-aaaq https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/02/GHSA-3hwc-rqwp-v36q/GHSA-3hwc-rqwp-v36q.json 34.0.1
2024-09-17T22:40:27.569576+00:00 GitLab Importer Fixing VCID-83s4-swg3-aaar https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2023-50386.yml 34.0.1
2024-09-17T22:40:27.457538+00:00 GitLab Importer Fixing VCID-pk1z-x6n7-aaaa https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2023-50292.yml 34.0.1
2024-09-17T22:40:27.078766+00:00 GitLab Importer Fixing VCID-fkew-f1ez-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2023-50291.yml 34.0.1
2024-09-17T22:40:25.972302+00:00 GitLab Importer Fixing VCID-vj8s-sv5u-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2023-50298.yml 34.0.1
2024-09-17T22:01:08.736307+00:00 GHSA Importer Fixing VCID-pk1z-x6n7-aaaa https://github.com/advisories/GHSA-4wxw-42wx-2wfx 34.0.1
2024-09-17T22:01:08.697892+00:00 GHSA Importer Fixing VCID-fkew-f1ez-aaaq https://github.com/advisories/GHSA-3hwc-rqwp-v36q 34.0.1
2024-09-17T22:01:08.617436+00:00 GHSA Importer Fixing VCID-83s4-swg3-aaar https://github.com/advisories/GHSA-37vr-vmg4-jwpw 34.0.1
2024-05-17T21:00:58.885816+00:00 GHSA Importer Fixing VCID-83s4-swg3-aaar https://github.com/advisories/GHSA-37vr-vmg4-jwpw 34.0.0rc4
2024-05-17T21:00:57.091518+00:00 GHSA Importer Fixing VCID-pk1z-x6n7-aaaa https://github.com/advisories/GHSA-4wxw-42wx-2wfx 34.0.0rc4
2024-05-17T21:00:56.836779+00:00 GHSA Importer Fixing VCID-fkew-f1ez-aaaq https://github.com/advisories/GHSA-3hwc-rqwp-v36q 34.0.0rc4
2024-04-23T23:13:03.720728+00:00 GithubOSV Importer Fixing VCID-83s4-swg3-aaar https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/02/GHSA-37vr-vmg4-jwpw/GHSA-37vr-vmg4-jwpw.json 34.0.0rc4
2024-04-23T23:12:56.687118+00:00 GithubOSV Importer Fixing VCID-pk1z-x6n7-aaaa https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/02/GHSA-4wxw-42wx-2wfx/GHSA-4wxw-42wx-2wfx.json 34.0.0rc4
2024-04-23T23:12:49.580504+00:00 GithubOSV Importer Fixing VCID-fkew-f1ez-aaaq https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/02/GHSA-3hwc-rqwp-v36q/GHSA-3hwc-rqwp-v36q.json 34.0.0rc4
2024-04-23T17:43:22.523423+00:00 GitLab Importer Fixing VCID-83s4-swg3-aaar https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2023-50386.yml 34.0.0rc4
2024-04-23T17:43:22.441244+00:00 GitLab Importer Fixing VCID-pk1z-x6n7-aaaa https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2023-50292.yml 34.0.0rc4
2024-04-23T17:43:22.363395+00:00 GitLab Importer Fixing VCID-fkew-f1ez-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2023-50291.yml 34.0.0rc4
2024-04-23T17:43:22.295877+00:00 GitLab Importer Fixing VCID-vj8s-sv5u-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2023-50298.yml 34.0.0rc4
2024-02-09T23:49:07.178497+00:00 GHSA Importer Fixing VCID-pk1z-x6n7-aaaa https://github.com/advisories/GHSA-4wxw-42wx-2wfx 34.0.0rc2
2024-02-09T23:49:07.132106+00:00 GHSA Importer Fixing VCID-fkew-f1ez-aaaq https://github.com/advisories/GHSA-3hwc-rqwp-v36q 34.0.0rc2
2024-02-09T23:49:07.050160+00:00 GHSA Importer Fixing VCID-83s4-swg3-aaar https://github.com/advisories/GHSA-37vr-vmg4-jwpw 34.0.0rc2