[
https://issues.apache.org/jira/browse/SOLR-16517?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Houston Putman resolved SOLR-16517.
-----------------------------------
Resolution: Invalid
Please read our security page: https://solr.apache.org/security.html
This is an issue tracker, and we do not accept vulnerability scans as issues.
DockerHub will provide timely updates of the base image, and Solr maintains a
list of exploitative CVEs for its dependencies.
> Solr export 8.11.2-slim Vulnerabilities
> ----------------------------------------
>
> Key: SOLR-16517
> URL: https://issues.apache.org/jira/browse/SOLR-16517
> Project: Solr
> Issue Type: Bug
> Security Level: Public(Default Security Level. Issues are Public)
> Components: security
> Affects Versions: 8.11.2
> Reporter: Ritchie Gu
> Priority: Critical
> Attachments: twistlock_images-Solr-Exporter.csv
>
>
> I have a question regarding the solr exporter
> [https://hub.docker.com/layers/library/solr/8.11.2-slim/images/sha256-e2e7e8fddb75ec8055c2745bbaf784cd7608ea5898f17144312f316ef0a1f488?context=explore]
> Our twistlock scan result showing that it has 95 vulnerabilities. We are
> going through an auditing process and would like to get some answers from
> Apache Solr team since it's officially supported.
> Also is there any plan that Solr team will address these vulnerabilities?
> I will attach the scan result here in the ticket.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
