Title: Solr™ Security News URL: solr/security.html save_as: solr/security.html template: solr/security
If you believe you have discovered a vulnerability in Solr, you may first want to consult the list of known false positives to make sure you are reporting a real vulnerability. Then please disclose responsibly by following these ASF guidelines for reporting.
You may file your request by email to mailto:security@lucene.apache.org or alternatively file a private security issue in Solr JIRA.
You will find more security related information on our Wiki: https://cwiki.apache.org/confluence/display/SOLR/SolrSecurity, such as information on how to treat the automated reports from security scanning tools.
Below is a list of already announced CVE vulnerabilities. These are also available as an ATOM feed: