Not vulnerable since 9.3. Newest is 9.5. Changelog on Solr website and in GitHub. Always check newest version before filing a bug/mail. 9.x versions prior to 9.5 will not receive bug fixes.
Jan Høydahl > 13. feb. 2024 kl. 18:07 skrev Shahryar Shagoshtasbi > <sshagoshta...@costar.com.invalid>: > > Hi there, > > Thank you for your prompt response. > Our scans have detected these CVEs in 9.1 and higher (At least the one we > have tested). > I’d highly appreciate if you could link me to the appropriate changelog for > these changes. > > Thanks. > > > >> On 2024/02/13 16:55:24 Jan Høydahl wrote: >> Hi Shahryar, >> >> You do not specify what versions of Solr you believe to be vulnerable to >> those two CVEs. >> >> A quick check finds that they are both already plugged both in all actively >> supported versions of Solr (i.e. 9.x and 8.11.x). >> In the future you can check this yourself by looking at Solr's changelog. >> >> Jan
