opensearch-3-repository-gcs

Direct Vulnerabilities

Known vulnerabilities in the opensearch-3-repository-gcs package. This does not include vulnerabilities belonging to this package’s dependencies.

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Vulnerability	Vulnerable Version
L CVE-2026-5598	<3.2.0-r0
L Information Exposure Through Server Log Files	<3.4.0-r0
L Improper Validation of Specified Index, Position, or Offset in Input	<3.6.0-r0
L CVE-2026-0636	<3.2.0-r0
L CVE-2026-5588	<3.2.0-r0
H Improper Neutralization	<3.2.0-r0
L Race Condition	<3.6.0-r0
L HTTP Request Smuggling	<3.6.0-r0
H Allocation of Resources Without Limits or Throttling	<3.6.0-r0
L Deserialization of Untrusted Data	<3.6.0-r0
L GHSA-72hv-8253-57qq	<3.6.0-r0
L Information Exposure	*
M Improper Certificate Validation	<3.5.0-r0
L CRLF Injection	<3.5.0-r0
C XML External Entity (XXE) Injection	<3.3.0-r0
H Uncontrolled Recursion	<3.3.0-r0
L CVE-2025-12194	<3.3.2-r0
L Uncontrolled Recursion	<3.2.0-r0
L CVE-2025-8916	<3.2.0-r0
H Improper Handling of Highly Compressed Data (Data Amplification)	<3.3.0-r0
L CVE-2025-48734	<3.2.0-r0
L Uncontrolled Recursion	<3.3.0-r0
L CVE-2025-22227	<3.3.0-r0
L XML External Entity (XXE) Injection	<3.3.0-r0
H HTTP Request Smuggling	<3.3.0-r0
L CVE-2025-8885	<3.3.0-r0
H Allocation of Resources Without Limits or Throttling	<3.3.0-r0