Download
| Alert*
|
oval:org.secpod.oval:def:1901071
When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path trav ... oval:org.secpod.oval:def:603291 Two vulnerabilities have been found in Solr, a search server based on Lucene, which could result in the execution of arbitrary code or path traversal. oval:org.secpod.oval:def:53262 Two vulnerabilities have been found in Solr, a search server based on Lucene, which could result in the execution of arbitrary code or path traversal. |
