CVE-2023-23613

OpenSearch is an open source distributed and RESTful search engine. In affected versions there is an issue in the implementation of field-level security FLS and field masking where rules written to explicitly exclude fields are not correctly applied for certain queries that rely on their...

Information Disclosure

opensearch is vulnerable to Information Disclosure. The vulnerability exists because the excluded fields are not correctly applied for specific queries in the Field-level security FLS with .keyword fields , allowing an attacker to gain read access to indexes through the restricted fields...

CVE-2023-23613 Field-level security issue with .keyword fields in OpenSearch

OpenSearch is an open source distributed and RESTful search engine. In affected versions there is an issue in the implementation of field-level security FLS and field masking where rules written to explicitly exclude fields are not correctly applied for certain queries that rely on their...

PT-2023-19075 · Unknown +1 · Opensearch +1

Name of the Vulnerable Software and Affected Versions: OpenSearch versions 1.0.0 through 1.3.7 OpenSearch versions 2.0.0 through 2.4.1 Description: There is an issue in the implementation of field-level security FLS and field masking where rules written to explicitly exclude fields are not...

CVE-2006-6400

Buffer overflow in JustSystems Hanako 2004 through 2006, Hanako viewer 1.x, Ichitaro 2004, Ichitaro 2005, Ichitaro Lite2, Ichitaro viewer 4.x, and Sanshiro 2005 allows remote attackers to execute arbitrary code via the 1 Keyword and 2 Title fields, related to string length fields...