Package impact
Maven / org.elasticsearch:elasticsearch
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2015-5531 | medium | — | 6.0 | 11y ago | Improper Limitation of a Pathname to a Restricted Directory in Elasticsearch | |||
| CVE-2015-3337 | medium | — | 5.3 | 11y ago | Improper Limitation of a Pathname to a Restricted Directory in Elasticsearch | |||
| CVE-2014-3120 | unknown | — | 2.5 | 4y ago | Elasticsearch enables dynamic scripting, which allows remote attackers to execute arbitrary MVEL expressions and Java code. | |||
| CVE-2015-1427 | unknown | — | 2.5 | 4y ago | The Groovy scripting engine in Elasticsearch allows remote attackers to bypass the sandbox protection mechanism and execute arbitrary shell commands. |