6 matches found
EUVD-2023-3294
Malicious code in bioql PyPI...
Security Bulletin: Vulnerability in Elastic Elasticsearch-Hadoop affects watsonx.data
Summary Elastic Elasticsearch-Hadoop could allow the unsafe deserialization of java objects from hadoop or spark configuration properties that could have been modified by authenticated users. As this occurs when the user has been authenticated, there is limited impact to watsonx.data. Vulnerabili...
CVE-2023-46674
A flaw was found in elasticsearch-hadoop that allowed the unsafe deserialization of Java objects from Hadoop or spark configuration properties that could have been modified by authenticated users. Unsafe deserialization may impact integrity by allowing an attacker to modify unexpected objects or...
Elasticsearch-hadoop 7.17.11 / 8.9.0 Security Update (ESA-2023-28)
Elasticsearch-hadoop Unsafe Deserialization ESA-2023-28 An issue was identified that allowed the unsafe deserialization of java objects from hadoop or spark configuration properties that could have been modified by authenticated users. Elastic would like to thank Yakov Shafranovich, with Amazon W...
Elasticsearch-hadoop Code Issue Vulnerability
Elasticsearch is a search engine based on the Lucene library. A security vulnerability exists in Elasticsearch-hadoop that stems from a deserialization vulnerability in java objects in hadoop or spark configuration properties. Affected products and versions: Elasticsearch-hadoop versions prior to...
PT-2023-30155 · Unknown · Elasticsearch
Name of the Vulnerable Software and Affected Versions: Elasticsearch affected versions not specified Description: An issue was identified that allowed the unsafe deserialization of java objects from hadoop or spark configuration properties that could have been modified by authenticated users...