Hi Shahryar, You do not specify what versions of Solr you believe to be vulnerable to those two CVEs.
A quick check finds that they are both already plugged both in all actively supported versions of Solr (i.e. 9.x and 8.11.x). In the future you can check this yourself by looking at Solr's changelog. Jan
