Filtered by vendor Elasticsearch
Subscriptions
Filtered by product Logstash
Subscriptions
Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2017-14730 | 2 Elasticsearch, Gentoo | 2 Logstash, Linux | 2024-11-21 | N/A |
The init script in the Gentoo app-admin/logstash-bin package before 5.5.3 and 5.6.x before 5.6.1 has "chown -R" calls for user-writable directory trees, which allows local users to gain privileges by leveraging access to a $LS_USER account for creation of a hard link. | ||||
CVE-2015-5619 | 2 Elastic, Elasticsearch | 2 Logstash, Logstash | 2024-11-21 | N/A |
Logstash 1.4.x before 1.4.5 and 1.5.x before 1.5.4 with Lumberjack output or the Logstash forwarder does not validate SSL/TLS certificates from the Logstash server, which might allow attackers to obtain sensitive information via a man-in-the-middle attack. | ||||
CVE-2015-5378 | 2 Elastic, Elasticsearch | 2 Logstash, Logstash | 2024-11-21 | N/A |
Logstash 1.5.x before 1.5.3 and 1.4.x before 1.4.4 allows remote attackers to read communications between Logstash Forwarder agent and Logstash server. |
Page 1 of 1.