This page displays vulnerability information about FreeBSD Ports.
The VUXML data was last processed by FreshPorts on 2024-06-16 08:24:44 UTC
List all Vulnerabilities, by package
List all Vulnerabilities, by date
k68These are the vulnerabilities relating to the commit you have selected:
VuXML ID | Description |
---|---|
5951fb49-1ba2-11e5-b43d-002590263bf5 | elasticsearch -- cross site scripting vulnerability in the CORS functionality Elastic reports:
Discovery 2014-10-01 Entry 2015-06-26 elasticsearch < 1.4.0 CVE-2014-6439 70233 https://www.elastic.co/community/security https://www.elastic.co/blog/elasticsearch-1-4-0-beta-released https://packetstormsecurity.com/files/128556/Elasticsearch-1.3.x-CORS-Issue.html http://www.securityfocus.com/archive/1/archive/1/533602/100/0/threaded |
a71e7440-1ba3-11e5-b43d-002590263bf5 | elasticsearch -- directory traversal attack with site plugins Elastic reports:
Discovery 2015-04-27 Entry 2015-06-26 elasticsearch < 1.4.5 ge 1.5.0 lt 1.5.2 CVE-2015-3337 74353 https://www.elastic.co/community/security https://www.elastic.co/blog/elasticsearch-1-5-2-and-1-4-5-released https://www.exploit-db.com/exploits/37054/ https://packetstormsecurity.com/files/131646/Elasticsearch-Directory-Traversal.html http://www.securityfocus.com/archive/1/535385 |
fb3668df-32d7-11e5-a4a5-002590263bf5 | elasticsearch -- remote code execution via transport protocol Elastic reports:
Discovery 2015-07-16 Entry 2015-08-05 elasticsearch < 1.6.1 CVE-2015-5377 ports/201834 https://www.elastic.co/community/security |
43ac9d42-1b9a-11e5-b43d-002590263bf5 | elasticsearch and logstash -- remote OS command execution via dynamic scripting Elastic reports:
Discovery 2014-05-22 Entry 2015-06-26 elasticsearch < 1.2.0 logstash < 1.4.3 CVE-2014-3120 67731 https://www.elastic.co/community/security https://www.elastic.co/blog/elasticsearch-1-2-0-released https://www.elastic.co/blog/logstash-1-4-3-released https://www.exploit-db.com/exploits/33370/ http://bouk.co/blog/elasticsearch-rce/ http://www.rapid7.com/db/modules/exploit/multi/elasticsearch/script_mvel_rce https://www.found.no/foundation/elasticsearch-security/#staying-safe-while-developing-with-elasticsearch |