This page displays vulnerability information about FreeBSD Ports.
The VUXML data was last processed by FreshPorts on 2024-06-16 08:24:44 UTC
List all Vulnerabilities, by package
List all Vulnerabilities, by date
k68These are the vulnerabilities relating to the commit you have selected:
VuXML ID | Description |
---|---|
a71e7440-1ba3-11e5-b43d-002590263bf5 | elasticsearch -- directory traversal attack with site plugins Elastic reports:
Discovery 2015-04-27 Entry 2015-06-26 elasticsearch < 1.4.5 ge 1.5.0 lt 1.5.2 CVE-2015-3337 74353 https://www.elastic.co/community/security https://www.elastic.co/blog/elasticsearch-1-5-2-and-1-4-5-released https://www.exploit-db.com/exploits/37054/ https://packetstormsecurity.com/files/131646/Elasticsearch-Directory-Traversal.html http://www.securityfocus.com/archive/1/535385 |
fb3668df-32d7-11e5-a4a5-002590263bf5 | elasticsearch -- remote code execution via transport protocol Elastic reports:
Discovery 2015-07-16 Entry 2015-08-05 elasticsearch < 1.6.1 CVE-2015-5377 ports/201834 https://www.elastic.co/community/security |
ae8c09cb-32da-11e5-a4a5-002590263bf5 | elasticsearch -- directory traversal attack via snapshot API Elastic reports:
Discovery 2015-07-16 Entry 2015-08-05 elasticsearch ge 1.0.0 lt 1.6.1 CVE-2015-5531 ports/201834 https://www.elastic.co/community/security |
23232028-1ba4-11e5-b43d-002590263bf5 | elasticsearch -- security fix for shared file-system repositories Elastic reports:
Discovery 2015-06-09 Entry 2015-06-26 elasticsearch ge 1.0.0 lt 1.6.0 CVE-2015-4165 ports/201008 https://www.elastic.co/community/security https://www.elastic.co/blog/elasticsearch-1-6-0-released |
5951fb49-1ba2-11e5-b43d-002590263bf5 | elasticsearch -- cross site scripting vulnerability in the CORS functionality Elastic reports:
Discovery 2014-10-01 Entry 2015-06-26 elasticsearch < 1.4.0 CVE-2014-6439 70233 https://www.elastic.co/community/security https://www.elastic.co/blog/elasticsearch-1-4-0-beta-released https://packetstormsecurity.com/files/128556/Elasticsearch-1.3.x-CORS-Issue.html http://www.securityfocus.com/archive/1/archive/1/533602/100/0/threaded |
026759e0-1ba3-11e5-b43d-002590263bf5 | elasticsearch -- remote OS command execution via Groovy scripting engine Elastic reports:
Discovery 2015-02-11 Entry 2015-06-26 elasticsearch ge 1.3.0 lt 1.3.8 ge 1.4.0 lt 1.4.3 CVE-2015-1427 72585 https://www.elastic.co/community/security https://www.elastic.co/blog/elasticsearch-1-4-3-and-1-3-8-released http://www.securityfocus.com/archive/1/archive/1/534689/100/0/threaded https://packetstormsecurity.com/files/130368/Elasticsearch-1.3.7-1.4.2-Sandbox-Escape-Command-Execution.html https://packetstormsecurity.com/files/130784/ElasticSearch-Unauthenticated-Remote-Code-Execution.html |