CVE-2023-50386

Summary

Apache Solr: Backup/Restore APIs allow for deployment of executables in malicious ConfigSets

Severity

high

EPSS

83.8% (p100)

Also known as

GHSA-37vr-vmg4-jwpw, BIT-solr-2023-50386

Published

2024-02-09

References

• https://nvd.nist.gov/vuln/detail/CVE-2023-50386
• https://github.com/apache/lucene-solr/commit/6c8f24eb9e3fe1cb19058173f2e221de3febfeda
• https://github.com/apache/lucene-solr/commit/7e9a2e67f812032a049836c3aa0b18bf5cd717f9

Related advisories

• CVE-2026-22022 — high · Maven/org.apache.solr:solr-core
• CVE-2026-22444 — high · Maven/org.apache.solr:solr-core
• CVE-2025-24814 — high · Maven/org.apache.solr:solr-core
• CVE-2023-50291 — high · Maven/org.apache.solr:solr-core
• CVE-2019-17558 — high · Maven/org.apache.solr:solr-core
• CVE-2019-0193 — high · Maven/org.apache.solr:solr-core
• CVE-2024-52012 — medium · Maven/org.apache.solr:solr-core
• CVE-2023-50290 — medium · Maven/org.apache.solr:solr-core

Is your project exposed to this? Stateward checks every dependency on every pull request and flags it only if your code actually reaches it.

Summarize with AI

ChatGPTClaudePerplexity