Vulnerabilities (CVE)

Vendor filter

Elastic Subscribe

Product filter

Logstash Subscribe


3 total CVE
CVE Vendors Products Updated CVSS
CVE-2019-7612 2 Netapp, Elastic 2 Active Iq Performance Analytics Services, Logstash 2019-10-09 5.0
A sensitive data disclosure flaw was found in the way Logstash versions before 5.6.15 and 6.6.1 logs malformed URLs. If a malformed URL is specified as part of the Logstash configuration, the credentials for the URL could be inadvertently logged...
CVE-2018-3817 2 Elasticsearch, Elastic 2 Logstash, Logstash 2019-10-09 4.0
When logging warnings regarding deprecated settings, Logstash before 5.6.6 and 6.x before 6.1.2 could inadvertently log sensitive information.
CVE-2016-10363 2 Elasticsearch, Elastic 2 Logstash, Logstash 2019-10-09 5.0
Logstash versions prior to 2.3.3, when using the Netflow Codec plugin, a remote attacker crafting malicious Netflow v5, Netflow v9 or IPFIX packets could perform a denial of service attack on the Logstash instance. The errors resulting from these...