VIR Vulnerability Intelligence Relay

Package impact

java Maven / org.elasticsearch:elasticsearch

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2014-3120 unknown 1.5 4y ago Elasticsearch enables dynamic scripting, which allows remote attackers to execute arbitrary MVEL expressions and Java code. java
CVE-2015-1427 unknown 1.5 4y ago The Groovy scripting engine in Elasticsearch allows remote attackers to bypass the sandbox protection mechanism and execute arbitrary shell commands. java