Elastic Logstash 6.0.0 Release Candidate 1

CPE Details

Elastic Logstash 6.0.0 Release Candidate 1
elastic
logstash
6.0.0
2019-06-17
13h42 +00:00
2019-06-17
13h42 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:elastic:logstash:6.0.0:rc1:*:*:*:*:*:*

Informations

Vendor

elastic

Product

logstash

Version

6.0.0

Update

rc1

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2019-7620 2019-10-30 12h38 +00:00 Logstash versions before 7.4.1 and 6.8.4 contain a denial of service flaw in the Logstash Beats input plugin. An unauthenticated user who is able to connect to the port the Logstash beats input could send a specially crafted network packet that would cause Logstash to stop responding.
7.5
High
CVE-2019-7612 2019-03-25 17h34 +00:00 A sensitive data disclosure flaw was found in the way Logstash versions before 5.6.15 and 6.6.1 logs malformed URLs. If a malformed URL is specified as part of the Logstash configuration, the credentials for the URL could be inadvertently logged as part of the error message.
9.8
Critical
CVE-2018-3817 2018-03-30 18h00 +00:00 When logging warnings regarding deprecated settings, Logstash before 5.6.6 and 6.x before 6.1.2 could inadvertently log sensitive information.
6.5
Medium