Browse Security Advisories
Security Advisories for org.elasticsearch:elasticsearch in maven Clear Filters
Moderate
5 months ago
Elasticsearch Vulnerable to Stack Overflow due to a Large Recursion
maven
org.elasticsearch:elasticsearch
Moderate
5 months ago
Elasticsearch Potential Node Crash due to Large Recursion in `innerForbidCircularReferences` Function
maven
org.elasticsearch:elasticsearch
Moderate
7 months ago
Elasticsearch allocation of resources without limits or throttling leads to crash
maven
org.elasticsearch:elasticsearch
Moderate
8 months ago
Elasticsearch Incorrect Authorization vulnerability
maven
org.elasticsearch:elasticsearch
Moderate
about 1 year ago
Elasticsearch stores private key on disk unencrypted
maven
org.elasticsearch:elasticsearch
Moderate
about 1 year ago
Elasticsearch Insertion of Sensitive Information into Log File
maven
org.elasticsearch:elasticsearch
Moderate
about 1 year ago
Elasticsearch StackOverflow vulnerability
maven
org.elasticsearch:elasticsearch
Moderate
about 1 year ago
Elasticsearch Remote Cluster Search Cross Cluster API Key insufficient restrictions
maven
org.elasticsearch:elasticsearch
Moderate
over 1 year ago
Elasticsearch Uncaught Exception leading to crash
maven
org.elasticsearch:elasticsearch
Moderate
over 1 year ago
Elasticsearch Incorrect Authorization vulnerability
maven
org.elasticsearch:elasticsearch
Moderate
over 1 year ago
Elasticsearch Uncontrolled Resource Consumption vulnerability
maven
org.elasticsearch:elasticsearch
Moderate
almost 2 years ago
Elasticsearch Improper Handling of Exceptional Conditions
maven
org.elasticsearch:elasticsearch
Moderate
almost 2 years ago
Elasticsearch vulnerable to stack overflow in the search API
maven
org.elasticsearch:elasticsearch
Moderate
almost 2 years ago
Elasticsearch allows insertion of sensitive information into log files when using deprecated URIs
maven
org.elasticsearch:elasticsearch
High
almost 2 years ago
Elasticsearch vulnerable to Uncontrolled Resource Consumption
maven
org.elasticsearch:elasticsearch
High
about 3 years ago
Improper Check for Unusual or Exceptional Conditions in Elasticsearch
maven
org.elasticsearch:elasticsearch
Moderate
over 3 years ago
Exposure of Sensitive Information to an Unauthorized Actor in Elasticsearch
maven
org.elasticsearch:elasticsearch
Moderate
over 3 years ago
Insertion of Sensitive Information into Log File in Elasticsearch
maven
org.elasticsearch:elasticsearch
Moderate
over 3 years ago
Improper privilege management in elasticsearch
maven
org.elasticsearch:elasticsearch
High
over 3 years ago
Improper Privilege Management in Elasticsearch
maven
org.elasticsearch:elasticsearch
Moderate
over 3 years ago
Exposure of Sensitive Information to an Unauthorized Actor in Elasticsearch
maven
org.elasticsearch:elasticsearch
Moderate
over 3 years ago
Concurrent Execution using Shared Resource with Improper Synchronization in Elasticsearch
maven
org.elasticsearch:elasticsearch
Moderate
over 3 years ago
Improper Limitation of a Pathname to a Restricted Directory in Elasticsearch
maven
org.elasticsearch:elasticsearch
Moderate
over 3 years ago
Elasticsearch Improper Access Control vulnerability
maven
org.elasticsearch:elasticsearch
Moderate
over 3 years ago
Cross-site scripting in Elasticsearch
maven
org.elasticsearch:elasticsearch
High
over 3 years ago
Improper Access Control in Elasticsearch
maven
org.elasticsearch:elasticsearch
High
over 3 years ago
Improper Access Control in Elasticsearch
maven
org.elasticsearch:elasticsearch
Moderate
over 3 years ago
Improper Limitation of a Pathname to a Restricted Directory in Elasticsearch
maven
org.elasticsearch:elasticsearch
Moderate
over 3 years ago
Improper Restriction of XML External Entity Reference in Elasticsearch
maven
org.elasticsearch:elasticsearch
Moderate
over 3 years ago
Exposure of Sensitive Information to an Unauthorized Actor in Elasticsearch
maven
org.elasticsearch:elasticsearch
Moderate
over 3 years ago
Elasticsearch subject to cross site scripting
maven
org.elasticsearch:elasticsearch
High
over 3 years ago
Exposure of Sensitive Information to an Unauthorized Actor in Elasticsearch
maven
org.elasticsearch:elasticsearch
High
over 3 years ago
Improper Access Control in Elasticsearch
maven
org.elasticsearch:elasticsearch
Moderate
almost 4 years ago
Exposure of sensitive information in Elasticsearch
maven
org.elasticsearch:elasticsearch
Moderate
about 4 years ago
API information disclosure flaw in Elasticsearch
maven
org.elasticsearch:elasticsearch
Moderate
over 4 years ago
Insufficiently Protected Credentials in Elasticsearch
maven
org.elasticsearch:elasticsearch
Moderate
over 4 years ago
Privilege Escalation Flaw in Elasticsearch
maven
org.elasticsearch:elasticsearch
Low
over 4 years ago
Privilege Context Switching Error in Elasticsearch
maven
org.elasticsearch:elasticsearch
Moderate
over 4 years ago
Exposure of Sensitive Information to an Unauthorized Actor
maven
org.elasticsearch:elasticsearch
Filter by Severity
Filter by Ecosystem
maven
6,782
packagist
5,383
pypi
4,882
npm
4,236
go
2,878
nuget
1,702
cargo
1,076
rubygems
928
hex
37
swift
36
actions
34
pub
10
Filter by Package
org.jenkins-ci.main:jenkins-core
239
com.liferay.portal:release.portal.bom
139
org.apache.tomcat:tomcat
138
com.liferay.portal:release.dxp.bom
123
com.fasterxml.jackson.core:jackson-databind
69
org.apache.struts:struts2-core
57
org.keycloak:keycloak-core
50
org.apache.tomcat.embed:tomcat-embed-core
47
org.xwiki.platform:xwiki-platform-oldcore
43
org.keycloak:keycloak-services
42
org.elasticsearch:elasticsearch
41
com.thoughtworks.xstream:xstream
37
net.mingsoft:ms-mcms
36
com.jfinal:jfinal
36
org.jenkins-ci.plugins:script-security
34
io.undertow:undertow-core
34
org.apache.solr:solr-core
28
org.opencms:opencms-core
27
org.springframework.security:spring-security-core
26
org.eclipse.jetty:jetty-server
25
org.keycloak:keycloak-parent
24
org.bouncycastle:bcprov-jdk14
23
org.apache.openmeetings:openmeetings-parent
22
org.apache.tomcat:tomcat-catalina
22
org.apache.nifi:nifi
21
org.cloudfoundry.identity:cloudfoundry-identity-server
20
org.xwiki.platform:xwiki-platform-web-templates
20
org.apache.tomcat:tomcat-coyote
20
org.apache.jspwiki:jspwiki-main
18
com.vaadin:vaadin-bom
18
org.springframework:spring-core
17
org.apache.inlong:manager-pojo
17
org.apache.geode:geode-core
17
org.bouncycastle:bcprov-jdk15
16
org.apache.dubbo:dubbo
16
org.apache.ranger:ranger
16
org.apache.activemq:activemq-client
16
org.apache.struts.xwork:xwork-core
15
org.xwiki.platform:xwiki-platform-web
14
org.springframework:spring-webmvc
13
org.jenkins-ci.plugins.workflow:workflow-cps
13
org.apache.hadoop:hadoop-main
13
org.apache.cxf:cxf-core
13
org.jeecgframework.boot:jeecg-boot-parent
12
org.apache.dolphinscheduler:dolphinscheduler
12
org.springframework:spring-web
12
com.vaadin:flow-server
12
org.graylog2:graylog2-server
12
org.apache.cxf:cxf
12
org.apache.hadoop:hadoop-common
12
org.jenkins-ci.plugins:git
12
org.jenkins-ci.plugins:email-ext
11
org.apache.jspwiki:jspwiki-war
11
org.bouncycastle:bcprov-jdk15on
11
org.xwiki.platform:xwiki-platform-administration-ui
11
ai.h2o:h2o-core
11
org.apache.tika:tika-core
11
org.apache.archiva:archiva
11
org.mortbay.jetty:jetty
11
org.apache.camel:camel-core
11
org.apache.james:james-server
11
com.xuxueli:xxl-job
11
org.geoserver.web:gs-web-app
11
org.igniterealtime.openfire:parent
11
org.apache.commons:commons-compress
11
org.craftercms:crafter-studio
10
com.sonyericsson.jenkins.plugins.bfa:build-failure-analyzer
10
org.bouncycastle:bcprov-jdk15to18
10
org.opensearch.plugin:opensearch-security
10
org.jenkins-ci.plugins.workflow:workflow-cps-global-lib
10
org.apache.inlong:manager-service
10
org.apache.hive:hive-exec
10
io.netty:netty
10
h2o
10
org.apache.kylin:kylin
10
org.jboss.netty:netty
10
cn.hutool:hutool-core
9
mysql:mysql-connector-java
9
twbs/bootstrap
9
org.opencrx:opencrx-core-models
9
org.opennms:opennms
9
org.apache.xmlgraphics:batik
9
org.apache.linkis:linkis
9
bootstrap
9
org.apache.hive:hive
9
bootstrap
9
org.jenkins-ci.plugins:config-file-provider
9
org.apache.tapestry:tapestry-core
9
bootstrap
9
pyspark
9
io.jenkins:configuration-as-code
9
org.apache.shiro:shiro-core
9
org.postgresql:postgresql
9
org.jenkins-ci.plugins:electricflow
9
org.webjars:bootstrap
9
org.jenkins-ci.plugins:active-directory
9
org.jenkins-ci.plugins:ec2
8
org.yaml:snakeyaml
8
org.apache.ambari:ambari
8
org.apache.hive:hive-service
8
org.apache.santuario:xmlsec
8
org.jenkins-ci.plugins:subversion
8
com.hazelcast:hazelcast
8
org.silverpeas.core:silverpeas-core-web
8
jquery
8
org.apache.streampark:streampark
8
org.apache.cassandra:cassandra-all
8
org.jeecgframework.boot:jeecg-boot-common
8
io.jenkins.blueocean:blueocean
8
org.webjars.npm:jquery
8
com.ruoyi:ruoyi
8
org.bouncycastle:bc-fips
8
jquery-rails
8
org.apache.zeppelin:zeppelin
8
org.apache.ozone:ozone-main
8
org.apache.pdfbox:pdfbox
8
org.jenkins-ci.plugins:oic-auth
8
org.xwiki.platform:xwiki-platform-rest-server
8
jQuery.UI.Combined
7
org.opencastproject:opencast-kernel
7
io.netty:netty-handler
7
org.jenkins-ci.plugins:mercurial
7
io.dataease:dataease-plugin-common
7
io.jenkins.plugins:cavisson-ns-nd-integration
7
io.atomix:atomix
7
org.jeecgframework.boot:jeecg-boot-base
7
jquery-ui
7
net.opentsdb:opentsdb
7
org.apache.logging.log4j:log4j-core
7
org.apache.inlong:manager-web
7
org.apache.cxf:apache-cxf
7
org.owasp.esapi:esapi
7
org.apache.spark:spark-core_2.11
7
org.apache.karaf:apache-karaf
7
org.apache.tika:tika
7
org.jenkins-ci.plugins:artifactory
7
jquery-ui-rails
7
bootstrap.sass
7
bootstrap-sass
7
commons-fileupload:commons-fileupload
7
org.bouncycastle:bcprov-jdk18on
7
org.apache.atlas:atlas-common
7
org.apache.activemq:activemq-parent
7
rubygems-update
7
org.jboss.resteasy:resteasy-client
7
org.apache.derby:derby
7
org.apache.druid:druid
7
com.liferay.portal:com.liferay.portal.impl
7
org.apache.wicket:wicket-core
7
jQuery
7
org.jenkins-ci.plugins:openshift-deployer
7
io.jenkins.plugins:miniorange-saml-sp
7
org.jenkins-ci.plugins:jobConfigHistory
7
org.apache.poi:poi
7
io.jenkins.plugins:warnings-ng
7
org.webjars.npm:jquery-ui
7
org.jruby:jruby-stdlib
7
org.owasp.antisamy:antisamy
7
org.jenkins-ci.plugins:rundeck
7
org.jenkins-ci.plugins:fortify-on-demand-uploader
6
com.nimbusds:nimbus-jose-jwt
6
org.apache.syncope:syncope-core
6
org.jenkins-ci.plugins:gitlab-oauth
6
com.jflyfox:jflyfox_jfinal
6
com.xebialabs.deployit.ci:deployit-plugin
6
org.jenkins-ci.plugins:credentials-binding
6
com.google.protobuf:protobuf-java
6
hudson.plugins:project-inheritance
6
org.apache.storm:storm-core
6
org.csanchez.jenkins.plugins:kubernetes
6
org.apache.shenyu:shenyu-common
6
bootstrap-sass
6
org.apache.axis:axis
6
org.jenkins-ci.plugins:gitlab-plugin
6
org.jeecgframework.boot:jeecg-boot-base-core
6
com.xuxueli:xxl-job-core
6
org.apache.struts:struts2-rest-plugin
6
org.jenkins-ci.plugins:pipeline-maven
6
org.apache.zookeeper:zookeeper
6
org.apache.solr:solr-parent
6
de.tum.in.ase:artemis-java-test-sandbox
6
org.geoserver:gs-wms
6
org.apache.mesos:mesos
6
io.netty:netty-codec-http
6
org.apache.kafka:kafka
6
org.infinispan:infinispan-core
6
org.jenkins-ci.plugins:ghprb
6
org.apache.pulsar:pulsar-broker
6
ch.qos.logback:logback-core
6
apache-iotdb
6
org.jenkins-ci.plugins:azure-vm-agents
6
axis:axis
6
org.jenkins-ci.plugins:repository-connector
6
cn.hutool:hutool-json
6
org.apache.httpcomponents:httpclient
6
org.jenkins-ci.plugins:ec2-deployment-dashboard
6
org.apache.ignite:ignite-core
6
org.xwiki.commons:xwiki-commons-xml
6
org.apache.zeppelin:zeppelin-server
6
com.sonyericsson.hudson.plugins.gerrit:gerrit-trigger
6