CVE-2021-28163, GHSA-j6qj-j888-vvgq
maven/org.apache.solr/solr-core
Improper Link Resolution Before File Access
In Eclipse Jetty, if a user uses a webapps directory that is a symlink, the contents of the webapps directory is deployed as a static webapp, inadvertently serving the webapps themselves and anything else that might be in that directory.
Version 8.8.1
Upgrade to version 8.8.2 or above.
2021-09-20
source |