FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-06-16 08:24:44 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
ae8c09cb-32da-11e5-a4a5-002590263bf5elasticsearch -- directory traversal attack via snapshot API

Elastic reports:

Vulnerability Summary: Elasticsearch versions from 1.0.0 to 1.6.0 are vulnerable to a directory traversal attack.

Remediation Summary: Users should upgrade to 1.6.1 or later, or constrain access to the snapshot API to trusted sources.


Discovery 2015-07-16
Entry 2015-08-05
elasticsearch
ge 1.0.0 lt 1.6.1

CVE-2015-5531
ports/201834
https://www.elastic.co/community/security
fb3668df-32d7-11e5-a4a5-002590263bf5elasticsearch -- remote code execution via transport protocol

Elastic reports:

Vulnerability Summary: Elasticsearch versions prior to 1.6.1 are vulnerable to an attack that can result in remote code execution.

Remediation Summary: Users should upgrade to 1.6.1 or 1.7.0. Alternately, ensure that only trusted applications have access to the transport protocol port.


Discovery 2015-07-16
Entry 2015-08-05
elasticsearch
< 1.6.1

CVE-2015-5377
ports/201834
https://www.elastic.co/community/security