Search for packages
Package details: pkg:maven/org.apache.solr/solr-core@9.4.0
purl pkg:maven/org.apache.solr/solr-core@9.4.0
Next non-vulnerable version 9.8.0
Latest non-vulnerable version 9.8.0
Risk 10.0
Vulnerabilities affecting this package (4)
Vulnerability Summary Fixed by
VCID-83s4-swg3-aaar
Aliases:
CVE-2023-50386
GHSA-37vr-vmg4-jwpw
Apache Solr: Backup/Restore APIs allow for deployment of executables in malicious ConfigSets
9.4.1
Affected by 2 other vulnerabilities.
VCID-mgtc-1e6f-3bhg
Aliases:
CVE-2024-52012
GHSA-4p5m-gvpf-f3x5
Relative Path Traversal vulnerability in Apache Solr. Solr instances running on Windows are vulnerable to arbitrary filepath write-access, due to a lack of input-sanitation in the "configset upload" API.  Commonly known as a "zipslip", maliciously constructed ZIP files can use relative filepaths to write data to unanticipated parts of the filesystem.   This issue affects Apache Solr: from 6.6 through 9.7.0. Users are recommended to upgrade to version 9.8.0, which fixes the issue.  Users unable to upgrade may also safely prevent the issue by using Solr's "Rule-Based Authentication Plugin" to restrict access to the configset upload API, so that it can only be accessed by a trusted set of administrators/users.
9.8.0
Affected by 0 other vulnerabilities.
VCID-vj8s-sv5u-aaaf
Aliases:
CVE-2023-50298
GHSA-xrj7-x7gp-wwqr
Apache Solr's Streaming Expressions allow users to extract data from other Solr Clouds
9.4.1
Affected by 2 other vulnerabilities.
VCID-x6bt-nsqt-gfg2
Aliases:
CVE-2025-24814
GHSA-68r2-fwcg-qpm8
solr: org.apache.solr: Apache Solr: Core-creation with "trusted" configset can use arbitrary untrusted files
9.8.0
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-20T17:15:28.757184+00:00 GitLab Importer Affected by VCID-x6bt-nsqt-gfg2 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2025-24814.yml 36.1.3
2025-06-20T17:15:28.334119+00:00 GitLab Importer Affected by VCID-mgtc-1e6f-3bhg https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2024-52012.yml 36.1.3
2025-06-20T16:52:43.084225+00:00 GitLab Importer Affected by VCID-vj8s-sv5u-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2023-50298.yml 36.1.3
2025-06-20T16:52:42.681903+00:00 GitLab Importer Affected by VCID-83s4-swg3-aaar https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2023-50386.yml 36.1.3
2025-06-03T23:50:50.475558+00:00 GitLab Importer Affected by VCID-x6bt-nsqt-gfg2 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2025-24814.yml 36.1.0
2025-06-03T23:50:50.113511+00:00 GitLab Importer Affected by VCID-mgtc-1e6f-3bhg https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2024-52012.yml 36.1.0
2025-06-03T23:29:58.822800+00:00 GitLab Importer Affected by VCID-vj8s-sv5u-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2023-50298.yml 36.1.0
2025-06-03T23:29:58.566598+00:00 GitLab Importer Affected by VCID-83s4-swg3-aaar https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2023-50386.yml 36.1.0
2025-06-02T23:49:37.980517+00:00 GitLab Importer Affected by VCID-x6bt-nsqt-gfg2 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2025-24814.yml 36.1.2
2025-06-02T23:49:37.559413+00:00 GitLab Importer Affected by VCID-mgtc-1e6f-3bhg https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2024-52012.yml 36.1.2
2025-06-02T23:27:43.093126+00:00 GitLab Importer Affected by VCID-vj8s-sv5u-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2023-50298.yml 36.1.2
2025-06-02T23:27:42.831988+00:00 GitLab Importer Affected by VCID-83s4-swg3-aaar https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2023-50386.yml 36.1.2
2025-04-03T22:39:51.447602+00:00 GitLab Importer Affected by VCID-x6bt-nsqt-gfg2 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2025-24814.yml 36.0.0
2025-04-03T22:39:50.066267+00:00 GitLab Importer Affected by VCID-mgtc-1e6f-3bhg https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2024-52012.yml 36.0.0
2025-04-03T21:54:56.748475+00:00 GitLab Importer Affected by VCID-vj8s-sv5u-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2023-50298.yml 36.0.0
2025-04-03T21:54:56.147797+00:00 GitLab Importer Affected by VCID-83s4-swg3-aaar https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2023-50386.yml 36.0.0
2025-02-18T03:42:00.799055+00:00 GitLab Importer Affected by VCID-83s4-swg3-aaar https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2023-50386.yml 35.1.0
2025-02-18T01:06:03.924043+00:00 GitLab Importer Affected by VCID-vj8s-sv5u-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2023-50298.yml 35.1.0
2024-11-21T00:59:53.612909+00:00 GitLab Importer Affected by VCID-83s4-swg3-aaar https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2023-50386.yml 35.0.0
2024-11-20T23:31:01.015753+00:00 GitLab Importer Affected by VCID-vj8s-sv5u-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2023-50298.yml 35.0.0
2024-11-19T00:48:31.512384+00:00 GitLab Importer Affected by VCID-83s4-swg3-aaar https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2023-50386.yml 34.3.2
2024-11-18T23:19:53.335693+00:00 GitLab Importer Affected by VCID-vj8s-sv5u-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2023-50298.yml 34.3.2
2024-10-08T01:20:26.199996+00:00 GitLab Importer Affected by VCID-83s4-swg3-aaar https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2023-50386.yml 34.0.2
2024-10-08T00:17:17.478197+00:00 GitLab Importer Affected by VCID-vj8s-sv5u-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2023-50298.yml 34.0.2
2024-10-07T21:49:09.425116+00:00 GHSA Importer Affected by VCID-83s4-swg3-aaar https://github.com/advisories/GHSA-37vr-vmg4-jwpw 34.0.2
2024-09-23T01:25:53.699260+00:00 GitLab Importer Affected by VCID-83s4-swg3-aaar https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2023-50386.yml 34.0.1
2024-09-23T00:31:16.988111+00:00 GitLab Importer Affected by VCID-vj8s-sv5u-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2023-50298.yml 34.0.1
2024-09-22T22:18:29.476722+00:00 GHSA Importer Affected by VCID-83s4-swg3-aaar https://github.com/advisories/GHSA-37vr-vmg4-jwpw 34.0.1
2024-05-17T21:00:59.028341+00:00 GHSA Importer Affected by VCID-83s4-swg3-aaar https://github.com/advisories/GHSA-37vr-vmg4-jwpw 34.0.0rc4
2024-04-24T03:58:26.739629+00:00 GitLab Importer Affected by VCID-83s4-swg3-aaar https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2023-50386.yml 34.0.0rc4
2024-04-24T02:42:11.271890+00:00 GitLab Importer Affected by VCID-vj8s-sv5u-aaaf https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.solr/solr-core/CVE-2023-50298.yml 34.0.0rc4