You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@solr.apache.org by mtn search <se...@gmail.com> on 2022/04/01 17:25:35 UTC

Solr and Spring Core Framework - CVE-2022-22965

Hello,

A couple questions:

Any information if Solr 6.x and later uses the Spring Core Framework?

Any information if Solr 6.x and later is vulnerable to CVE-2022-22965:
Spring Framework RCE via Data Binding on JDK 9+?

https://tanzu.vmware.com/security/cve-2022-22965

Thanks,
Matt