org.elasticsearch:elasticsearch vulnerabilities

Elasticsearch subproject :server

Latest version: 7.3.2

Licenses detected

Continuously find & fix vulnerabilities like these in your dependencies. Test and protect your applications

Direct Vulnerabilities

Known vulnerabilities in the org.elasticsearch:elasticsearch package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability Vulnerable versions Snyk patch Published
  • H
Information Exposure
[6.0.0, 6.3.0) Not available 02 Sep, 2019
  • H
Information Exposure
[5.6.0, 5.6.12),[6.0.0, 6.4.1) Not available 02 Sep, 2019
  • M
Information Exposure
[6.4.0, 6.4.3) Not available 02 Sep, 2019
  • M
XML External Entity (XXE) Injection
[6.5.0, 6.5.2) Not available 02 Sep, 2019
  • H
Privilege Escalation
[,5.6.15),[6.0.0, 6.6.1) Not available 02 Sep, 2019
  • M
Race Condition
[,6.8.2),[7.0.0, 7.2.1) Not available 02 Sep, 2019
  • M
Information Exposure
[6.0.0, 6.3.0) Not available 19 Sep, 2018
  • M
Cross-site Scripting (XSS)
(,1.3.4] Not available 25 Dec, 2016
  • M
Directory Traversal
[,1.4.5),[1.5.0,1.5.2) Not available 09 Jun, 2016
  • H
Arbitrary Code Execution
(,1.6.0] Not available 16 Jul, 2015
  • M
Directory Traversal
[,1.6.1) Not available 16 Jul, 2015
  • H
Arbitrary code execution
[,1.5.2] Not available 10 Jun, 2015
  • H
Improper Access Control
[0.6.0,1.3.8),[1.4.0,1.4.3) Not available 18 Feb, 2015