elasticsearch-8 vulnerabilities

Known vulnerabilities in the elasticsearch-8 package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
L GHSA-gmg8-593g-7mv3	<8.18.0-r1
L Improper Input Validation	<8.18.0-r1
M Incorrect Authorization	<8.17.0-r0
L GHSA-5mpw-4546-2wcr	<8.17.0-r0
L CVE-2024-7254	<8.15.3-r0
L GHSA-735f-pc8j-v9w8	<8.15.3-r0
L GHSA-4c7q-m7hc-pc92	<8.14.1-r0
L GHSA-4q22-422g-m4pj	<8.14.1-r0
M Out-of-bounds Write	<8.14.1-r0
L CVE-2024-23445	<8.14.1-r0
L CVE-2024-30171	<8.13.4-r1
L CVE-2024-30172	<8.13.4-r1
L GHSA-4h8f-2wvx-gg5w	<8.13.4-r1
L GHSA-8xfc-gm6g-vgpv	<8.13.4-r1
L CVE-2024-34447	<8.13.4-r1
L GHSA-m44j-cfrm-g8qc	<8.13.4-r1
L CVE-2024-29857	<8.13.4-r1
L GHSA-v435-xc8x-wvr9	<8.13.4-r1
L GHSA-4265-ccf5-phj5	<8.13.2-r1
L GHSA-xpw8-rcwv-8f8p	<8.13.2-r1
H CVE-2023-52428	<8.13.2-r1
L GHSA-gvpg-vgmx-xg6w	<8.13.2-r1
M Allocation of Resources Without Limits or Throttling	<8.13.2-r1
L GHSA-5jpm-x58v-624v	<8.13.2-r1
L GHSA-jw7r-rxff-gv24	<8.13.2-r1
M Arbitrary Code Injection	<8.13.2-r1
M Loop with Unreachable Exit Condition ('Infinite Loop')	<8.13.2-r1
H Uncontrolled Recursion	<8.13.2-r1
L GHSA-4g9r-vxhx-9pgx	<8.13.2-r1
L CVE-2024-29025	<8.13.2-r1
L GHSA-493p-pfq6-5258	<8.13.2-r1
M Incorrect Authorization	<8.13.1-r0
L GHSA-w5gg-2q56-6h4f	<8.13.1-r0
H CVE-2024-23450	<8.13.1-r0
L GHSA-r3hx-qfh5-r9m7	<8.13.1-r0
L GHSA-hr8g-6v94-x4m9	<8.12.1-r0
M Improper Certificate Validation	<8.12.1-r0
H Directory Traversal	<8.12.1-r0
L GHSA-xjhv-p3fv-x24r	<8.12.1-r0
L GHSA-q24v-hpg3-v3jp	<8.12.1-r0
L GHSA-68m8-v89j-7j2p	<8.12.1-r0
H CVE-2023-34054	<8.12.1-r0
M Race Condition	<8.12.1-r0
L GHSA-xfrj-6vvc-3xm2	<8.12.1-r0
M Use After Free	<8.12.1-r0
L GHSA-6xx3-rg99-gc3p	<8.12.1-r0
M Information Exposure Through Log Files	<8.12.1-r0

Vulnerability

Vulnerable Version

GHSA-gmg8-593g-7mv3

<8.18.0-r1

Improper Input Validation

<8.18.0-r1

Incorrect Authorization

<8.17.0-r0

GHSA-5mpw-4546-2wcr

<8.17.0-r0

CVE-2024-7254

<8.15.3-r0