28 matches found
Improper Certificate Validation
org.opensearch.dataprepper.plugins, opensearch is vulnerable to Improper Certificate Validation. The vulnerability is due to the plugins defaulting to a “trust-all” SSL configuration when no certificate path is provided, which allows an attacker to perform man-in-the-middle interception and...
CVE-2025-62371
OpenSearch Data Prepper as an open source data collector for observability data. In versions prior to 2.12.2, the OpenSearch sink and source plugins in Data Prepper trust all SSL certificates by default when no certificate path is provided. Prior to this fix, the OpenSearch sink and source plugin...
GHSA-3XGR-H5HQ-7299 GeoIP processor disables SSL certificate validation when downloading databases
Impact The GeoIP processor in Data Prepper was configured to trust all SSL certificates and disable hostname verification when downloading GeoIP databases from HTTP URLs, making downloads vulnerable to man-in-the-middle attacks. The GeoIP processor included a custom SSL implementation that...
GeoIP processor disables SSL certificate validation when downloading databases
Impact The GeoIP processor in Data Prepper was configured to trust all SSL certificates and disable hostname verification when downloading GeoIP databases from HTTP URLs, making downloads vulnerable to man-in-the-middle attacks. The GeoIP processor included a custom SSL implementation that...
GHSA-28GG-8QQJ-FHH5 OpenSearch Data Prepper uses deprecated SSL protocol identifier
Impact The GeoIP processor and Kafka source and buffer were using the deprecated "SSL" protocol identifier when creating SSL contexts, potentially allowing the use of insecure SSL protocols instead of modern TLS versions. Multiple Data Prepper plugins used SSLContext.getInstance"SSL" which could...
OpenSearch Data Prepper uses deprecated SSL protocol identifier
Impact The GeoIP processor and Kafka source and buffer were using the deprecated "SSL" protocol identifier when creating SSL contexts, potentially allowing the use of insecure SSL protocols instead of modern TLS versions. Multiple Data Prepper plugins used SSLContext.getInstance"SSL" which could...
EUVD-2025-34677
OpenSearch Data Prepper uses deprecated SSL protocol identifier...
GHSA-43FF-RR26-8HX4 OpenSearch Data Prepper plugins trust all SSL certificates by default
Impact The OpenSearch sink and source plugins in Data Prepper are configured to trust all SSL certificates by default when no certificate path was provided, making connections vulnerable to man-in-the-middle attacks. Prior to this fix, the OpenSearch sink and source plugins would automatically us...
Improper Certificate Validation
Overview org.opensearch.dataprepper.plugins:opensearch is a Data Prepper project: opensearch Affected versions of this package are vulnerable to Improper Certificate Validation in the SSL certificate validation process when the cert parameter is not explicitly provided. An attacker can intercept...
OpenSearch Data Prepper plugins trust all SSL certificates by default
Impact The OpenSearch sink and source plugins in Data Prepper are configured to trust all SSL certificates by default when no certificate path was provided, making connections vulnerable to man-in-the-middle attacks. Prior to this fix, the OpenSearch sink and source plugins would automatically us...
EUVD-2025-34680
OpenSearch Data Prepper plugins trust all SSL certificates by default...
Improper Certificate Validation
Overview org.opensearch.dataprepper.plugins:kafka-plugins is a Data Prepper project: kafka-plugins Affected versions of this package are vulnerable to Improper Certificate Validation in the SSL certificate validation process when the cert parameter is not explicitly provided. An attacker can...
CVE-2025-62371
OpenSearch Data Prepper as an open source data collector for observability data. In versions prior to 2.12.2, the OpenSearch sink and source plugins in Data Prepper trust all SSL certificates by default when no certificate path is provided. Prior to this fix, the OpenSearch sink and source plugin...
CVE-2025-62371 OpenSearch Data Prepper plugins trusts all SSL certificates by default
OpenSearch Data Prepper as an open source data collector for observability data. In versions prior to 2.12.2, the OpenSearch sink and source plugins in Data Prepper trust all SSL certificates by default when no certificate path is provided. Prior to this fix, the OpenSearch sink and source plugin...
CVE-2025-62371 OpenSearch Data Prepper plugins trusts all SSL certificates by default
OpenSearch Data Prepper as an open source data collector for observability data. In versions prior to 2.12.2, the OpenSearch sink and source plugins in Data Prepper trust all SSL certificates by default when no certificate path is provided. Prior to this fix, the OpenSearch sink and source plugin...
CVE-2025-62371
CVE-2025-62371 relates to OpenSearch Data Prepper plugins (sink/source) defaulting to a trust-all SSL configuration when no cert path is provided. This weakens certificate validation and enables MITM interception of data in transit to OpenSearch clusters. Affected versions precede 2.12.2; the iss...
CVE-2025-62371 OpenSearch Data Prepper plugins trusts all SSL certificates by default
OpenSearch Data Prepper as an open source data collector for observability data. In versions prior to 2.12.2, the OpenSearch sink and source plugins in Data Prepper trust all SSL certificates by default when no certificate path is provided. Prior to this fix, the OpenSearch sink and source plugin...
OpenSearch Data Prepper 信任管理问题漏洞
OpenSearch Data Prepper is a component of the OpenSearch project, an OpenSearch open source project. A trust management issue vulnerability exists in OpenSearch Data Prepper versions prior to 2.12.2 that stems from the OpenSearch sink and source plugins trusting all SSL certificates by default,...
PT-2025-42388
Name of the Vulnerable Software and Affected Versions OpenSearch Data Prepper versions prior to 2.12.2 Description OpenSearch Data Prepper is an open source data collector for observability data. The OpenSearch sink and source plugins in Data Prepper trust all SSL certificates by default when no...
EUVD-2024-52841
Malicious code in bioql PyPI...