ai.ylyue:yue-library-data-es (>=j8.2.2.0 <=j11.2.6.2), br.com.simpli:simpli-ws (>=1.2.1 <=2.2.0) +1034 more potentially affected by CVE-2025-37727 via org.elasticsearch:elasticsearch (>=7.0.0 <=8.18.7)

org.elasticsearch:elasticsearch MAVEN version =7.0.0, =j8.2.2.0, =1.2.1, =0.0.1-alpha, =5.3.0, =5.6.5, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =6.2.0, =6.8.0, =6.4.0, =5.3.0, =5.3.0, =5.3.0, =5.4.0 and more Source cves: CVE-2025-37727 Source advisory: OSV:GHSA-56R7-H6MW-RCFV...

org.elasticsearch.test:framework (>=8.19.0 <=8.19.16), org.elasticsearch.test:yaml-rest-runner (>=8.19.0 <=8.19.16) +1 more potentially affected by CVE-2025-37727 via org.elasticsearch:elasticsearch (>=8.19.0 <=8.19.4)

org.elasticsearch:elasticsearch MAVEN version =8.19.0, =8.19.0, =8.19.0, =8.19.2, =8.19.4 Source cves: CVE-2025-37727 Source advisory: OSV:GHSA-56R7-H6MW-RCFV...

net.sc8s:elastic-testkit_2.13 (>=0.102.0 <=0.108.0), org.elasticsearch.test:framework (>=9.0.0 <=9.0.7) +3 more potentially affected by CVE-2025-37727 via org.elasticsearch:elasticsearch (>=9.0.0-beta1 <=9.0.7)

org.elasticsearch:elasticsearch MAVEN version =9.0.0-beta1, =0.102.0, =9.0.0, =9.0.0, =1.7.es904.0, =9.0.0, =9.0.3 Source cves: CVE-2025-37727 Source advisory: OSV:GHSA-56R7-H6MW-RCFV...

org.elasticsearch.test:framework (>=9.1.0 <=9.1.10), org.elasticsearch.test:yaml-rest-runner (>=9.1.0 <=9.1.10) +1 more potentially affected by CVE-2025-37727 via org.elasticsearch:elasticsearch (>=9.1.0 <=9.1.4)

org.elasticsearch:elasticsearch MAVEN version =9.1.0, =9.1.0, =9.1.0, =9.1.2, =9.1.4 Source cves: CVE-2025-37727 Source advisory: OSV:GHSA-56R7-H6MW-RCFV...

ai.ylyue:yue-library-data-es (>=j8.2.2.0 <=j11.2.2.0), ca.bc.gov.tno:elastic (>=0.0.1-alpha <=0.0.5-alpha) +106 more potentially affected by CVE-2025-37727 via org.elasticsearch.plugin:reindex-client (>=7.0.0-alpha1 <=7.9.3)

org.elasticsearch.plugin:reindex-client MAVEN version =7.0.0-alpha1, =j8.2.2.0, =0.0.1-alpha, =2.1.0.M8, =2.1.0.M8, =1.4.1, =1.4.0, =2.0.5, =7.0.0, =1.1.0, =5.0.3.7.4, =5.0.3.6, =0.0.1, =1.0.2, =1.0.3 - com.cherokeesoft.fias:Fias =1.0.1 and more Source cves: CVE-2025-37727 Source advisory:...

org.elasticsearch.test:framework (>=8.19.0 <=8.19.16), org.elasticsearch.test:yaml-rest-runner (>=8.19.0 <=8.19.16) +1 more potentially affected by CVE-2025-37727 via org.elasticsearch:elasticsearch (>=8.19.0 <=8.19.4)

org.elasticsearch:elasticsearch MAVEN version =8.19.0, =8.19.0, =8.19.0, =8.19.2, =8.19.4 Source cves: CVE-2025-37727 Source advisory: SNYK:JAVA-ORGELASTICSEARCH-13517507...

org.elasticsearch.test:framework (>=9.1.0 <=9.1.10), org.elasticsearch.test:yaml-rest-runner (>=9.1.0 <=9.1.10) +1 more potentially affected by CVE-2025-37727 via org.elasticsearch:elasticsearch (>=9.1.0 <=9.1.4)

org.elasticsearch:elasticsearch MAVEN version =9.1.0, =9.1.0, =9.1.0, =9.1.2, =9.1.4 Source cves: CVE-2025-37727 Source advisory: SNYK:JAVA-ORGELASTICSEARCH-13517507...

com.farcsal.dql:query-es (=0.8.0), com.github.ben-manes.caffeine:simulator (>=3.0.4 <=3.0.5) +14 more potentially affected by CVE-2025-37727 via org.elasticsearch:elasticsearch (>=8.0.0-alpha1 <=8.18.7)

org.elasticsearch:elasticsearch MAVEN version =8.0.0-alpha1, =3.0.4, =1.2.0, =0.83.0, =7.23.0, =8.0.0, =8.0.0, =8.0.0, =8.0.0, =8.0.0, =8.10.0, =1.6.es801.0, =1.7.es8184.0 and more Source cves: CVE-2025-37727 Source advisory: SNYK:JAVA-ORGELASTICSEARCH-13517507...

CVE-2025-37727 Elasticsearch Insertion of sensitive information in log file

Insertion of sensitive information in log file in Elasticsearch can lead to loss of confidentiality under specific preconditions when auditing requests to the reindex API https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-reindex...

Elasticsearch 8.18.8, 8.19.5, 9.0.8, 9.1.5 Security Update (ESA-2025-18)

Elasticsearch Insertion of sensitive information in log file ESA-2025-18 Insertion of sensitive information in log file in Elasticsearch can lead to loss of confidentiality under specific preconditions when auditing requests to the reindex API Affected Versions: 7.x: All versions from 7.0.0 and u...