6 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-22135
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Elasticsearch versions before 7.11.2 and 6.8.15 contain a document disclosure flaw was found in the Elasticsearch suggester and profile API when Document and...
CVE-2021-22135
creationtimestamp| type| source ---|---|--- 2024-01-28 05:36:43+00:00| seen| https://t.me/arpsyndicate/3219...
Security Bulletin: IBM Security SOAR is using a version of Elasticsearch that has known vulnerabilities (CVE-2021-22137, CVE-2021-22135)
Summary IBM Security SOAR is using a version of Elasticsearch that has known vulnerabilities. A recent update has addressed these issues. Vulnerability Details CVEID: CVE-2021-22137 DESCRIPTION: Elasticsearch could allow a remote authenticated attacker to obtain sensitive information, caused by a...
ca.uhn.hapi.fhir:hapi-fhir-cli-api (>=5.3.0 <=5.7.9), ca.uhn.hapi.fhir:hapi-fhir-cli-app (>=5.6.5 <=5.7.9) +255 more potentially affected by CVE-2021-22135 via org.elasticsearch:elasticsearch (>=7.0.0 <=7.11.1)
org.elasticsearch:elasticsearch MAVEN version =7.0.0, =5.3.0, =5.6.5, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =5.6.5, =2.1.0.M8, =0.9.30, =0.9.30, =0.9.30, =0.9.70 and more Source cves: CVE-2021-22135 Source advisory: OSV:GHSA-62WW-4P3P-7FHJ...
CVE-2021-22135
Elasticsearch CVE-2021-22135 affects versions prior to 7.11.2 and 6.8.15. The vulnerability is a document disclosure flaw in the suggester and profile API when Document and Field Level Security are enabled; the suggester/profile API are normally disabled for an index when DLS is on. Certain queri...
CVE-2021-22135
Elasticsearch versions before 7.11.2 and 6.8.15 contain a document disclosure flaw was found in the Elasticsearch suggester and profile API when Document and Field Level Security are enabled. The suggester and profile API are normally disabled for an index when document level security is enabled ...