Описание
Search Guard versions before 24.0 had an issue that values of string arrays in documents are not properly anonymized.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat OpenShift Container Platform 3.10 | openshift-elasticsearch-plugin | Not affected | ||
| Red Hat OpenShift Container Platform 3.11 | openshift3/ose-logging-elasticsearch5 | Will not fix | ||
| Red Hat OpenShift Container Platform 3.9 | search-guard-2 | Not affected | ||
| Red Hat OpenShift Container Platform 4 | openshift4/ose-logging-elasticsearch5 | Will not fix |
Показывать по
10
Дополнительная информация
Статус:
Moderate
Дефект:
CWE-200
https://bugzilla.redhat.com/show_bug.cgi?id=1757411search-guard: values of string arrays in documents are not properly anonymized
EPSS
Процентиль: 36%
0.00151
Низкий
5.7 Medium
CVSS3
Связанные уязвимости
CVSS3: 7.5
nvd
больше 6 лет назад
Search Guard versions before 24.0 had an issue that values of string arrays in documents are not properly anonymized.
CVSS3: 7.5
github
больше 3 лет назад
Search Guard versions before 24.0 had an issue that values of string arrays in documents are not properly anonymized.
EPSS
Процентиль: 36%
0.00151
Низкий
5.7 Medium
CVSS3