Elastic App Search Elastic App Search

Do you want an email whenever new security vulnerabilities are reported in Elastic App Search?

By the Year

In 2024 there have been 0 vulnerabilities in Elastic App Search . Elastic App Search did not have any published security vulnerabilities last year.

Year Vulnerabilities Average Score
2024 0 0.00
2023 0 0.00
2022 0 0.00
2021 1 7.50
2020 0 0.00
2019 0 0.00
2018 0 0.00

It may take a day or so for new Elastic App Search vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Elastic App Search Security Vulnerabilities

Elastic App Search versions after 7.11.0 and before 7.12.0 contain an XML External Entity Injection issue (XXE) in the App Search web crawler beta feature

CVE-2021-22140 7.5 - High - May 13, 2021

Elastic App Search versions after 7.11.0 and before 7.12.0 contain an XML External Entity Injection issue (XXE) in the App Search web crawler beta feature. Using this vector, an attacker whose website is being crawled by App Search could craft a malicious sitemap.xml to traverse the filesystem of the host running the instance and obtain sensitive files.

XXE

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Elastic App Search or by Elastic? Click the Watch button to subscribe.

Elastic
Vendor

subscribe