4 matches found
CVE-2022-41917 Incorrect Error Handling Allowed Partial File Reads Over REST API in OpenSearch
OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a...
CVE-2022-41917 Incorrect Error Handling Allowed Partial File Reads Over REST API in OpenSearch
OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a...
CVE-2022-41917
OpenSearch CVE-2022-41917 is an information-disclosure flaw in OpenSearch where an incorrect error-handling path allows certain crafted REST queries to read the first line from arbitrary text files, limited to files readable under the Java Security Manager policy. Affected versions are OpenSearch...
CVE-2022-41917
OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a...