Vulnerabilities > Amazon > Opensearch

DATE CVE VULNERABILITY TITLE RISK
2023-10-16 CVE-2023-45807 Improper Preservation of Permissions vulnerability in Amazon Opensearch
OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana following the license change in early 2021.
network
low complexity
amazon CWE-281
5.4
5.4
2023-05-08 CVE-2023-31141 Incorrect Authorization vulnerability in Amazon Opensearch Security
OpenSearch is open-source software suite for search, analytics, and observability applications.
network
high complexity
amazon CWE-863
5.9
5.9
2023-03-02 CVE-2023-25806 Information Exposure Through Discrepancy vulnerability in Amazon Opensearch and Opensearch Security
OpenSearch Security is a plugin for OpenSearch that offers encryption, authentication and authorization.
network
low complexity
amazon CWE-203
5.3
5.3
2023-02-03 CVE-2023-23933 Out-of-bounds Read vulnerability in Amazon Opensearch
OpenSearch Anomaly Detection identifies atypical data and receives automatic notifications.
network
low complexity
amazon CWE-125
4.3
4.3
2023-01-26 CVE-2023-23612 Improper Authentication vulnerability in Amazon Opensearch
OpenSearch is an open source distributed and RESTful search engine.
network
low complexity
amazon CWE-287
8.8
8.8
2023-01-26 CVE-2023-23613 Information Exposure vulnerability in Amazon Opensearch
OpenSearch is an open source distributed and RESTful search engine.
network
low complexity
amazon CWE-200
6.5
6.5
2022-11-16 CVE-2022-41917 Improper Handling of Exceptional Conditions vulnerability in Amazon Opensearch
OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana.
network
low complexity
amazon CWE-755
4.3
4.3
2022-11-15 CVE-2022-41918 Unspecified vulnerability in Amazon Opensearch
OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana.
network
low complexity
amazon
6.3
6.3
2022-08-12 CVE-2022-35980 Unspecified vulnerability in Amazon Opensearch 2.0.0/2.1.0
OpenSearch Security is a plugin for OpenSearch that offers encryption, authentication and authorization.
network
low complexity
amazon
7.5
7.5
2022-06-30 CVE-2022-31115 Deserialization of Untrusted Data vulnerability in Amazon Opensearch 1.0.0/2.0.0/2.0.1
opensearch-ruby is a community-driven, open source fork of elasticsearch-ruby.
network
low complexity
amazon CWE-502
8.8
8.8