Vulnerabilidades em floragunn
16 resultadosCVE-2019-13420—Search Guard versions before 21.0 had an timing side channel issue when using the internal user database.EPSS 1.2%CVE-2019-13421—Search Guard versions before 23.1 had an issue that an administrative user is able to retrieve bcrypt password hashes of other users configuEPSS 1.1%CVE-2019-13417—Search Guard versions before 24.0 had an issue that field caps and mapping API leak field names (but not values) for fields which are not alEPSS 1.1%CVE-2019-13415—Search Guard versions before 24.3 had an issue when Cross Cluster Search (CCS) was enabled, authenticated users can gain read access to dataEPSS 1.0%CVE-2019-13416—Search Guard versions before 24.3 had an issue when Cross Cluster Search (CCS) was enabled, authenticated users are always authorized on theEPSS 1.0%CVE-2019-13419—Search Guard versions before 23.1 had an issue that for aggregations clear text values of anonymised fields were leaked.EPSS 0.9%CVE-2019-13418—Search Guard versions before 24.0 had an issue that values of string arrays in documents are not properly anonymized.EPSS 0.9%CVE-2019-13422—Search Guard Kibana Plugin versions before 5.6.8-7 and before 6.x.y-12 had an issue that an attacker can redirect the user to a potentially EPSS 0.9%CVE-2019-13423—Search Guard Kibana Plugin versions before 5.6.8-7 and before 6.x.y-12 had an issue that an authenticated Kibana user could impersonate as kEPSS 0.7%CVE-2025-12149MEDIUMUnauthorized access to documents protected by Document-Level Security (DLS), when Signals watches include a search query involving protected documentsEPSS 0.2%CVE-2025-12148MEDIUMUnauthorized access to fields protected by Field Masking (FM) for fields of type IPEPSS 0.2%CVE-2025-12147MEDIUMUnauthorized access to fields protected by Field-Level Security (FLS) when those fields are members of an objectEPSS 0.2%CVE-2026-4819MEDIUMSearch Guard audit logs can contain under certain conditions user credentialsEPSS 0.2%CVE-2026-4818MEDIUMSome management operations on data streams are not properly restricted when user does not have the necessary privilegesEPSS 0.2%CVE-2026-4799MEDIUMOpen redirect vulnerability in Search Guard Kibana Plugin via manipulated requestsEPSS 0.2%CVE-2025-13653MEDIUMUnauthorized access to documents in data streams with specially crafted requestsEPSS 0.2%