SUSE CVE-2018-3827

A sensitive data disclosure flaw was found in the Elasticsearch repository-azure formerly elasticsearch-cloud-azure plugin. When the repository-azure plugin is set to log at TRACE level Azure credentials can be inadvertently logged...

Elastic Stack 6.3.0 and 5.6.10 Security Update

Elasticsearch Information Exposure Vulnerability ESA-2018-10 In Elasticsearch versions 6.0.0-beta1 to 6.2.4 a disclosure flaw was found in the snapshot API. When the accesskey and securitykey parameters are set using the snapshot API they can be exposed as plain text by users able to query the...