12 matches found
Elastic Logstash 安全漏洞
Elastic Logstash is a set of log analysis and monitoring tools developed by the Dutch company Elastic. There is a security vulnerability in Elastic Logstash, which stems from improper path restrictions. This vulnerability could allow arbitrary file writes and remote code execution...
Elastic Logstash Log Information Disclosure Vulnerability
Elastic Logstash is a suite of log analysis and monitoring tools from Dutch company Elastic. A security vulnerability exists in Elastic Logstash versions prior to 8.11.1, which stems from the fact that sensitive information can be recorded in Logstash logs under certain circumstances...
Elastic Logstash Multiple Log4j Vulnerabilities (Dec 2021)
Elastic Logstash is prone to multiple vulnerabilities in the Apache Log4j library. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Elastic Logstash Multiple Log4j Vulnerabilities (ESA-2021-31, Log4Shell)
Elastic Logstash is prone to multiple vulnerabilities in the Apache Log4j library. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Security Bulletin: IBM API Connect is impacted by a vulnerability in Elastic Logstash (CVE-2019-7612)
Summary IBM API Connect has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2019-7612 DESCRIPTION: A sensitive data disclosure flaw was found in the way Logstash versions before 5.6.15 and 6.6.1 logs malformed URLs. If a malformed URL is specified as part of the Logstash...
Elastic Logstash 'CVE-2016-10363' DoS Vulnerability
Elastic Logstash is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Elastic Logstash 'CVE-2015-5619' Man in the Middle Security Bypass Vulnerability - Linux
Elastic Logstash is prone to a security bypass vulnerability. This VT has been deprecated and merged into the VT VT SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
Elastic Logstash 'CVE-2015-5378' Man in the Middle Security Bypass Vulnerability - Linux
Elastic Logstash is prone to a security bypass vulnerability. This VT has been deprecated and merged into the VT VT SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
Elastic Logstash 'CVE-2015-4152' Directory Traversal Vulnerability - Linux
Elastic Logstash is prone to a directory traversal vulnerability. This VT has been deprecated and merged into the VT VT SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
Elastic Logstash 'CVE-2014-4326' RCE Vulnerability - Linux
Elastic Logstash is prone to a remote code execution RCE vulnerability. This VT has been deprecated and merged into the VT SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
Elastic Logstash 'CVE-2014-4326' RCE Vulnerability
Elastic Logstash is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Elastic Logstash insufficient certificate check
man-in-the-middle attack is possible...