Package impact

Maven / org.elasticsearch:elasticsearch

critical high medium low unknown

0

KEV Has exploit

CVE	Severity	CVSS	Risk	Published	Description	Impact
CVE-2014-3120	unknown	—	1.5	4y ago	Elasticsearch Improper Access Control vulnerability
CVE-2015-1427	unknown	—	1.5	4y ago	Improper Access Control in Elasticsearch
CVE-2025-37731	unknown	—	—	5mo ago	Elasticsearch PKI Realm Authentication Bypass Vulnerability Allows User Impersonation Through Crafted Client Certificates
CVE-2025-37727	unknown	—	—	8mo ago	Elasticsearch: Insertion of Sensitive Information into Log File via reindex API
CVE-2024-52979	unknown	—	—	1y ago	Elasticsearch Uncontrolled Resource Consumption Vulnerability
CVE-2024-52981	unknown	—	—	1y ago	Elasticsearch Vulnerable to Stack Overflow due to a Large Recursion
CVE-2024-52980	unknown	—	—	1y ago	Elasticsearch Potential Node Crash due to Large Recursion in `innerForbidCircularReferences` Function
CVE-2024-43709	unknown	—	—	1y ago	Elasticsearch allocation of resources without limits or throttling leads to crash
CVE-2024-12539	unknown	—	—	2y ago	Elasticsearch Incorrect Authorization vulnerability
CVE-2024-23444	unknown	—	—	2y ago	Elasticsearch stores private key on disk unencrypted
CVE-2023-49921	unknown	—	—	2y ago	Elasticsearch Insertion of Sensitive Information into Log File
CVE-2024-37280	unknown	—	—	2y ago	Elasticsearch StackOverflow vulnerability
CVE-2024-23449	unknown	—	—	2y ago	Elasticsearch Uncaught Exception leading to crash
CVE-2024-23451	unknown	—	—	2y ago	Elasticsearch Incorrect Authorization vulnerability
CVE-2024-23450	unknown	—	—	2y ago	Elasticsearch Uncontrolled Resource Consumption vulnerability
CVE-2023-46673	unknown	—	—	3y ago	Elasticsearch Improper Handling of Exceptional Conditions
CVE-2023-31419	unknown	—	—	3y ago	Elasticsearch vulnerable to stack overflow in the search API
CVE-2023-31418	unknown	—	—	3y ago	Elasticsearch vulnerable to Uncontrolled Resource Consumption
CVE-2023-31417	unknown	—	—	3y ago	Elasticsearch allows insertion of sensitive information into log files when using deprecated URIs
CVE-2022-23712	unknown	—	—	4y ago	Improper Check for Unusual or Exceptional Conditions in Elasticsearch
CVE-2021-22137	unknown	—	—	4y ago	Exposure of Sensitive Information to an Unauthorized Actor in Elasticsearch
CVE-2020-7021	unknown	—	—	4y ago	Insertion of Sensitive Information into Log File in Elasticsearch
CVE-2020-7019	unknown	—	—	4y ago	Improper privilege management in elasticsearch
CVE-2020-7009	unknown	—	—	4y ago	Improper Privilege Management in Elasticsearch
CVE-2019-7619	unknown	—	—	4y ago	Exposure of Sensitive Information to an Unauthorized Actor in Elasticsearch
CVE-2019-7614	unknown	—	—	4y ago	Concurrent Execution using Shared Resource with Improper Synchronization in Elasticsearch
CVE-2018-17244	unknown	—	—	4y ago	Exposure of Sensitive Information to an Unauthorized Actor in Elasticsearch
CVE-2018-17247	unknown	—	—	4y ago	Improper Restriction of XML External Entity Reference in Elasticsearch
CVE-2018-3824	unknown	—	—	4y ago	Elasticsearch subject to cross site scripting
CVE-2018-3831	unknown	—	—	4y ago	Exposure of Sensitive Information to an Unauthorized Actor in Elasticsearch
CVE-2019-7611	unknown	—	—	4y ago	Improper Access Control in Elasticsearch
CVE-2022-23708	unknown	—	—	4y ago	Elasticsearch privilege escalation
CVE-2021-22147	unknown	—	—	5y ago	Exposure of sensitive information in Elasticsearch
CVE-2021-22144	unknown	—	—	5y ago	Denial of Service in Elasticsearch
CVE-2021-22135	unknown	—	—	5y ago	API information disclosure flaw in Elasticsearch
CVE-2021-22132	unknown	—	—	5y ago	Insufficiently Protected Credentials in Elasticsearch
CVE-2020-7014	unknown	—	—	5y ago	Privilege Escalation Flaw in Elasticsearch
CVE-2020-7020	unknown	—	—	5y ago	Privilege Context Switching Error in Elasticsearch
CVE-2021-22134	unknown	—	—	5y ago	Exposure of Sensitive Information to an Unauthorized Actor