Search CVE reports
1 – 4 of 4 results
CVE-2023-45807
Medium priorityOpenSearch is a community-driven, open source fork of Elasticsearch and Kibana following the license change in early 2021. There is an issue with the implementation of tenant permissions in OpenSearch Dashboards...
1 affected package
opensearch
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
opensearch | Needs evaluation | Not in release | Not in release | Ignored | Ignored |
CVE-2023-31141
Medium priorityOpenSearch is open-source software suite for search, analytics, and observability applications. Prior to versions 1.3.10 and 2.7.0, there is an issue with the implementation of fine-grained access control rules (document-level...
1 affected package
opensearch
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
opensearch | Needs evaluation | Not in release | Not in release | Ignored | Ignored |
CVE-2023-23613
Medium priorityOpenSearch is an open source distributed and RESTful search engine. In affected versions there is an issue in the implementation of field-level security (FLS) and field masking where rules written to explicitly exclude fields are...
1 affected package
opensearch
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
opensearch | Needs evaluation | Not in release | Not in release | Ignored | Ignored |
CVE-2023-23612
Medium priorityOpenSearch is an open source distributed and RESTful search engine. OpenSearch uses JWTs to store role claims obtained from the Identity Provider (IdP) when the authentication backend is SAML or OpenID Connect. There is an issue...
1 affected package
opensearch
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
opensearch | Needs evaluation | Not in release | Not in release | Ignored | Ignored |