14 Total advisories
14 Vulnerabilities
0 Malware
Vulnerabilities
LOW 2.2
GHSA-x5hg-x4gv-j98m
OpenSearch has ineffective TLS certificate hostname verification
MEDIUM 5.3
GHSA-x83w-23jp-g6pw
OpenSearch Security plugin: DLS not applied on documents linked by has_child or has_parent relation
LOW 3.7
GHSA-83x9-vc3c-hghc
OpenSearch has a bypass of REST Layer Authorization Using Malformed Paths
LOW 2.2
GHSA-22vx-2x23-98w6
OpenSearch vulnerable to improper authorization for Rollover Requests
MEDIUM 5.7
GHSA-rrmm-wq7q-h4v5
OpenSearch unauthorized data access on fields protected by field masking for fields of type ip, geo_point, geo_shape, xy_point, xy_shape
MEDIUM 5.7
GHSA-2rjv-cv85-xhgm
OpenSearch unauthorized data access on fields protected by field level security if field is a member of an object
MEDIUM 5.7
CVE-2023-23613
Field-level security issue with .keyword fields in OpenSearch
MEDIUM 4.7
CVE-2023-23612
Issue with whitespace in JWT roles in OpenSearch
HIGH 7.5
GHSA-8wx3-324g-w4qq
OpenSearch uncontrolled resource consumption
MEDIUM 5.4
CVE-2023-45807
OpenSearch Issue with tenant read-only permissions
MEDIUM 4.8
CVE-2023-31141
OpenSearch issue with fine-grained access control during extremely rare race conditions
MEDIUM 5.3
CVE-2023-25806
OpenSearch has time discrepancy in authentication responses
MEDIUM 6.3
CVE-2022-41918
OpenSearch has issue with fine-grained access control of indices backing data streams
HIGH 7.5
CVE-2022-35980
OpenSearch vulnerable to Improper Authorization of Index Containing Sensitive Information
Ready to move
Start Securing
Free, no credit card | First findings in minutes