opensearch-2-performance-analyzer

Direct Vulnerabilities

Known vulnerabilities in the opensearch-2-performance-analyzer package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free
VulnerabilityVulnerable Version
  • L
Improper Verification of Cryptographic Signature

<2.19.6-r0
  • L
Incomplete Blacklist

<2.19.6-r0
  • M
Allocation of Resources Without Limits or Throttling

<2.19.6-r0
  • L
Server-Side Request Forgery (SSRF)

<2.19.6-r0
  • H
Resource Exhaustion

<2.19.6-r0
  • L
Incomplete Blacklist

<2.19.6-r0
  • L
HTTP Request Smuggling

<2.19.6-r0
  • L
Resource Exhaustion

<2.19.6-r0
  • L
Allocation of Resources Without Limits or Throttling

<2.19.6-r0
  • L
Improper Access Control

<2.19.6-r0
  • L
Resource Exhaustion

<2.19.6-r0
  • C
HTTP Request Smuggling

<2.19.6-r0
  • C
HTTP Request Smuggling

<2.19.6-r0
  • L
Resource Exhaustion

<2.19.6-r0
  • H
HTTP Response Splitting

<2.19.6-r0
  • L
Integer Overflow or Wraparound

<2.19.6-r0
  • H
HTTP Request Smuggling

<2.19.6-r0
  • L
CRLF Injection

<2.19.6-r0
  • H
Allocation of Resources Without Limits or Throttling

<2.19.6-r0
  • L
HTTP Request Smuggling

<2.19.6-r0
  • L
Deserialization of Untrusted Data

*
  • H
Improper Encoding or Escaping of Output

*
  • H
Improper Encoding or Escaping of Output

<2.19.6-r0
  • H
Improper Output Neutralization for Logs

<2.19.6-r0
  • L
CVE-2026-0636

*
  • L
Race Condition

*
  • M
Improper Validation of Certificate with Host Mismatch

<2.19.6-r0
  • L
CVE-2026-5588

*
  • L
Information Exposure Through Server Log Files

*
  • L
CVE-2026-5598

*
  • L
GHSA-72hv-8253-57qq

<2.19.6-r0
  • L
Information Exposure

*
  • L
CRLF Injection

<2.19.5-r0
  • M
Improper Certificate Validation

<2.19.5-r0
  • C
XML External Entity (XXE) Injection

<2.19.4-r0
  • H
Uncontrolled Recursion

<2.19.4-r0
  • L
CVE-2025-27817

<2.19.4-r0
  • L
XML External Entity (XXE) Injection

<2.19.4-r0
  • L
Uncontrolled Recursion

<2.19.4-r0
  • L
CVE-2025-8885

<2.19.4-r0
  • H
Allocation of Resources Without Limits or Throttling

<2.19.4-r0
  • L
Uncontrolled Recursion

<2.19.4-r0
  • H
HTTP Request Smuggling

<2.19.4-r0
  • L
CVE-2025-27820

<2.19.3-r0
  • H
Improper Handling of Highly Compressed Data (Data Amplification)

<2.19.4-r0
  • L
CVE-2025-48734

<2.19.3-r0
  • L
CVE-2025-22227

<2.19.4-r0
  • L
CVE-2025-8916

<2.19.4-r0
  • L
CVE-2024-57699

<2.19.3-r0
  • L
CVE-2025-31672

<2.19.4-r0