5 matches found
ai.ylyue:yue-library-data-es (>=j8.2.2.0 <=j11.2.6.2), br.com.simpli:simpli-ws (>=1.2.1 <=2.2.0) +735 more potentially affected by CVE-2019-7619 via org.elasticsearch:elasticsearch (>=7.0.0 <=7.3.2)
org.elasticsearch:elasticsearch MAVEN version =7.0.0, =j8.2.2.0, =1.2.1, =5.3.0, =5.6.5, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =6.2.0, =6.8.0, =6.4.0, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =6.10.5 and more Source cves: CVE-2019-7619 Source advisory: OSV:GHSA-HXP8-R9G3-GRFR...
cn.hippo4j:hippo4j-monitor-elasticsearch (>=1.4.1 <=1.5.0), cn.hippo4j:hippo4j-monitor-es (>=1.4.0 <=1.4.0-alpha) +186 more potentially affected by CVE-2019-7619 via org.elasticsearch:elasticsearch (>=6.7.0 <=6.8.3)
org.elasticsearch:elasticsearch MAVEN version =6.7.0, =1.4.1, =1.4.0, =6.8.13, =6.7.2, =0.9.0.0, =0.9.0.0, =0.9.0.0, =6.7.0.0, =4.0.0-serde-fixes, =4.0.0-serde-fixes, =6.7.0-33.3, =6.8.3-34.5 and more Source cves: CVE-2019-7619 Source advisory: OSV:GHSA-HXP8-R9G3-GRFRhttps://vulners.co...
Security Bulletin: Multiple vulnerabilities affect IBM Observability with Instana
Summary Vulnerabilities detected in Elasticsearch versions from 6.7.0 to 6.8.7 and 7.0.0 to 7.6.2 affects IBM Observability with Instana Vulnerability Details CVEID: CVE-2019-7619 DESCRIPTION: Elastic Elasticsearch could allow a remote attacker to obtain sensitive information, caused by a flaw in...
Security Bulletin: Multiple vulnerabilities in middleware software affect IBM Cloud Pak for Automation
Summary The vulnerabilities are related to the WebSphere Liberty server, to Node.js runtime and modules and to other open source packages. Vulnerability Details CVEID: CVE-2019-7619 DESCRIPTION: Elastic Elasticsearch could allow a remote attacker to obtain sensitive information, caused by a flaw ...
CVE-2019-7619
CVE-2019-7619 affects Elasticsearch versions 7.0.0–7.3.2 and 6.7.0–6.8.3, where an unauthenticated attacker could use the API Key service to determine if a username exists in the native realm due to a username-disclosure flaw. The connected documents corroborate a username disclosure vulnerabilit...