Medium
CVE-2013-4758
Double free vulnerability in the writeDataError function in the ElasticSearch plugin (omelasticsearch) in rsyslog before 7.4.2 and before 7.5.2 devel, when errorfile is set to local logging, allows r…
Tag: Elasticsearch
All CVEs associated with "Elasticsearch". Page 2/2 • 121 CVEs.
Subscribe CVEs: RSS for “Elasticsearch” · RSS (High+Critical only)
About “Elasticsearch”
A curated feed of “Elasticsearch”-related CVEs appears below. We currently track 121 CVEs for this tag (all time). In the last 365 days, 20 were published. Average CVSS is 6.3 (all time; 6.2 over 365d), and 31% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'), CWE-863 - Incorrect Authorization, CWE-532 - Insertion of Sensitive Information into Log File.
In our taxonomy this topic maps to a MODERATE impact class. Databases, proxies, and web servers often need coordinated restarts and config checks. Patch only modules you deploy, verify TLS and authentication, and tune limits. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.
CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).
CVSS ≥ 0.0