[ https://issues.apache.org/jira/browse/SOLR-16517?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Houston Putman resolved SOLR-16517. ----------------------------------- Resolution: Invalid Please read our security page: https://solr.apache.org/security.html This is an issue tracker, and we do not accept vulnerability scans as issues. DockerHub will provide timely updates of the base image, and Solr maintains a list of exploitative CVEs for its dependencies. > Solr export 8.11.2-slim Vulnerabilities > ---------------------------------------- > > Key: SOLR-16517 > URL: https://issues.apache.org/jira/browse/SOLR-16517 > Project: Solr > Issue Type: Bug > Security Level: Public(Default Security Level. Issues are Public) > Components: security > Affects Versions: 8.11.2 > Reporter: Ritchie Gu > Priority: Critical > Attachments: twistlock_images-Solr-Exporter.csv > > > I have a question regarding the solr exporter > [https://hub.docker.com/layers/library/solr/8.11.2-slim/images/sha256-e2e7e8fddb75ec8055c2745bbaf784cd7608ea5898f17144312f316ef0a1f488?context=explore] > Our twistlock scan result showing that it has 95 vulnerabilities. We are > going through an auditing process and would like to get some answers from > Apache Solr team since it's officially supported. > Also is there any plan that Solr team will address these vulnerabilities? > I will attach the scan result here in the ticket. -- This message was sent by Atlassian Jira (v8.20.10#820010) --------------------------------------------------------------------- To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org For additional commands, e-mail: issues-h...@solr.apache.org