opensearch
Top products
Latest CVEs
The 15 most recently published vulnerabilities affecting opensearch.
- CVE-2025-9624OpenSearch 3.2.0 - Nested Boolean/Disjunction asymmetric DoS7.5
- CVE-2024-39900OpenSearch Dashboards Reports does not properly restrict access to private tenant resources5.4
- CVE-2024-39901OpenSearch Observability does not properly restrict access to private tenant resources4.2
- CVE-2023-33201Bouncy Castle For Java before 1.74 is affected by an LDAP injection vulnerability. The vulnerability only affects applications that use an LDAP CertStore from Bouncy Castle to validate X.509 certif...5.3
- CVE-2023-34455snappy-java's unchecked chunk length leads to DoS7.5
- CVE-2023-34454snappy-java's Integer Overflow vulnerability in compress leads to DoS5.9
- CVE-2023-34453snappy-java's Integer Overflow vulnerability in shuffle leads to DoS5.9
- CVE-2023-2976Use of temporary directory for file creation in `FileBackedOutputStream` in Guava5.5
- CVE-2022-1471Remote Code execution in SnakeYAML8.3
- CVE-2022-34169Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets7.5
- CVE-2021-37714Crafted input may cause the jsoup HTML and XML parser to get stuck, timeout, or throw unchecked exceptions7.5
- CVE-2021-26291block repositories using http by default9.1
- CVE-2021-28168Eclipse Jersey 2.28 to 2.33 and Eclipse Jersey 3.0.0 to 3.0.1 contains a local information disclosure vulnerability. This is due to the use of the File.createTempFile which creates a file inside of...6.2
- CVE-2021-29425Possible limited path traversal vulnerabily in Apache Commons IO4.8
- CVE-2020-13956Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target ho...5.3