AVG-1808 log

Package solr
Status Fixed
Severity Medium
Type multiple issues
Affected 8.8.1-1
Fixed 8.8.2-1
Current 8.11.1-1 [community]
Ticket None
Created Mon Apr 12 21:57:41 2021
Issue Severity Remote Type Description
CVE-2021-29943 Medium Yes Authentication bypass
When using ConfigurableInternodeAuthHadoopPlugin for authentication, Apache Solr versions prior to 8.8.2 would forward/proxy distributed requests using...
CVE-2021-29262 Medium Yes Information disclosure
When starting Apache Solr versions prior to 8.8.2, configured with the SaslZkACLProvider or VMParamsAllAndReadonlyDigestZkACLProvider and no existing...
CVE-2021-27905 Medium Yes Cross-site request forgery
The ReplicationHandler (normally registered at "/replication" under a Solr core) has a "masterUrl" (also "leaderUrl" alias) parameter that is used to...