opensearch-3-repository-azure

Direct Vulnerabilities

Known vulnerabilities in the opensearch-3-repository-azure package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free
VulnerabilityVulnerable Version
  • L
Allocation of Resources Without Limits or Throttling

<3.7.0-r0
  • L
HTTP Request Smuggling

<3.7.0-r0
  • M
Allocation of Resources Without Limits or Throttling

<3.7.0-r0
  • L
Information Exposure

<3.7.0-r0
  • L
Improper Verification of Cryptographic Signature

<3.7.0-r0
  • H
Resource Exhaustion

<3.7.0-r0
  • L
Improper Verification of Source of a Communication Channel

<3.7.0-r0
  • L
Resource Exhaustion

<3.7.0-r0
  • L
Use of Insufficiently Random Values

<3.7.0-r0
  • L
Allocation of Resources Without Limits or Throttling

<3.7.0-r0
  • C
Insufficient Verification of Data Authenticity

<3.7.0-r0
  • L
Improper Access Control

<3.7.0-r0
  • C
Insufficient Verification of Data Authenticity

<3.7.0-r0
  • L
Resource Exhaustion

<3.7.0-r0
  • L
Resource Exhaustion

<3.7.0-r0
  • H
HTTP Response Splitting

<3.7.0-r0
  • L
Integer Overflow or Wraparound

<3.7.0-r0
  • H
HTTP Request Smuggling

<3.7.0-r0
  • L
Resource Exhaustion

<3.7.0-r0
  • C
Improper Input Validation

<3.7.0-r0
  • C
HTTP Request Smuggling

<3.7.0-r0
  • L
Allocation of Resources Without Limits or Throttling

<3.7.0-r0
  • C
HTTP Request Smuggling

<3.7.0-r0
  • L
CRLF Injection

<3.7.0-r0
  • L
CVE-2026-5598

<3.2.0-r0
  • L
Information Exposure Through Server Log Files

<3.4.0-r0
  • L
Improper Validation of Specified Index, Position, or Offset in Input

<3.6.0-r0
  • L
CVE-2026-0636

<3.2.0-r0
  • L
CVE-2026-5588

<3.2.0-r0
  • H
Improper Neutralization

<3.2.0-r0
  • L
Race Condition

<3.6.0-r0
  • L
HTTP Request Smuggling

<3.6.0-r0
  • H
Allocation of Resources Without Limits or Throttling

<3.6.0-r0
  • L
Deserialization of Untrusted Data

<3.6.0-r0
  • L
GHSA-72hv-8253-57qq

<3.6.0-r0
  • M
Improper Certificate Validation

<3.5.0-r0
  • L
CRLF Injection

<3.5.0-r0
  • C
XML External Entity (XXE) Injection

<3.3.0-r0
  • H
Uncontrolled Recursion

<3.3.0-r0
  • L
CVE-2025-12194

<3.3.2-r0
  • L
Uncontrolled Recursion

<3.2.0-r0
  • L
CVE-2025-8916

<3.2.0-r0
  • H
Improper Handling of Highly Compressed Data (Data Amplification)

<3.3.0-r0
  • L
CVE-2025-48734

<3.2.0-r0
  • L
Uncontrolled Recursion

<3.3.0-r0
  • L
CVE-2025-22227

<3.3.0-r0
  • L
XML External Entity (XXE) Injection

<3.3.0-r0
  • H
HTTP Request Smuggling

<3.3.0-r0
  • L
CVE-2025-8885

<3.3.0-r0
  • H
Allocation of Resources Without Limits or Throttling

<3.3.0-r0