opensearch-2-repository-azure

Direct Vulnerabilities

Known vulnerabilities in the opensearch-2-repository-azure package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free
VulnerabilityVulnerable Version
  • L
Incomplete Blacklist

<2.19.6-r0
  • L
Use of Insufficiently Random Values

<2.19.6-r0
  • M
Allocation of Resources Without Limits or Throttling

<2.19.6-r0
  • L
Server-Side Request Forgery (SSRF)

<2.19.6-r0
  • H
Resource Exhaustion

<2.19.6-r0
  • L
Incomplete Blacklist

<2.19.6-r0
  • L
HTTP Request Smuggling

<2.19.6-r0
  • L
Improper Access Control

<2.19.6-r0
  • L
Resource Exhaustion

<2.19.6-r0
  • L
Allocation of Resources Without Limits or Throttling

<2.19.6-r0
  • L
Improper Verification of Cryptographic Signature

<2.19.6-r0
  • C
Insufficient Verification of Data Authenticity

<2.19.6-r0
  • C
Insufficient Verification of Data Authenticity

<2.19.6-r0
  • L
Resource Exhaustion

<2.19.6-r0
  • C
HTTP Request Smuggling

<2.19.6-r0
  • C
HTTP Request Smuggling

<2.19.6-r0
  • C
Improper Input Validation

<2.19.6-r0
  • L
Resource Exhaustion

<2.19.6-r0
  • H
HTTP Response Splitting

<2.19.6-r0
  • L
Integer Overflow or Wraparound

<2.19.6-r0
  • H
HTTP Request Smuggling

<2.19.6-r0
  • L
CRLF Injection

<2.19.6-r0
  • H
Allocation of Resources Without Limits or Throttling

<2.19.6-r0
  • L
HTTP Request Smuggling

<2.19.6-r0
  • L
Deserialization of Untrusted Data

*
  • H
Improper Encoding or Escaping of Output

*
  • H
Improper Encoding or Escaping of Output

*
  • H
Improper Output Neutralization for Logs

*
  • L
Race Condition

*
  • M
Improper Validation of Certificate with Host Mismatch

*
  • L
CVE-2026-5588

*
  • L
Information Exposure Through Server Log Files

*
  • L
GHSA-72hv-8253-57qq

*
  • L
Information Exposure

*
  • L
CRLF Injection

<2.19.5-r0
  • C
XML External Entity (XXE) Injection

<2.19.4-r0
  • H
Uncontrolled Recursion

<2.19.4-r0
  • L
CVE-2025-27817

<2.19.4-r0
  • L
XML External Entity (XXE) Injection

<2.19.4-r0
  • L
Uncontrolled Recursion

<2.19.4-r0
  • L
CVE-2025-8885

<2.19.4-r0
  • H
Allocation of Resources Without Limits or Throttling

<2.19.4-r0
  • L
Uncontrolled Recursion

<2.19.4-r0
  • H
HTTP Request Smuggling

<2.19.4-r0
  • L
CVE-2025-27820

<2.19.3-r0
  • H
Improper Handling of Highly Compressed Data (Data Amplification)

<2.19.4-r0
  • L
CVE-2025-48734

<2.19.3-r0
  • L
CVE-2025-22227

<2.19.4-r0
  • L
CVE-2025-8916

<2.19.4-r0
  • L
CVE-2024-57699

<2.19.3-r0
  • L
CVE-2025-31672

<2.19.4-r0