Logstash-core
This hub aggregates every CVE we track for Logstash-core, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
2
CVEs tracked
0
Critical
1
High
0
In CISA KEV
Severity distribution
HIGH1MEDIUM1
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 2 most recently published vulnerabilities affecting Logstash-core.
- CVE-2016-1000221Logstash prior to version 2.3.4, Elasticsearch Output plugin would log to file HTTP authorization headers which could contain sensitive information.7.5
- CVE-2016-10362Prior to Logstash version 5.0.1, Elasticsearch Output plugin when updating connections after sniffing, would log to file HTTP basic auth credentials.6.5
Product normalization is registry-driven with AI assist and human review. How it works