Vulnerabilities > Elastic > Logstash > 6.4.0

DATE CVE VULNERABILITY TITLE RISK
2021-05-13 CVE-2021-22138 Improper Certificate Validation vulnerability in Elastic Logstash
In Logstash versions after 6.4.0 and before 6.8.15 and 7.12.0 a TLS certificate validation flaw was found in the monitoring feature.
network
elastic CWE-295
4.3
4.3
2019-10-30 CVE-2019-7620 Unspecified vulnerability in Elastic Logstash
Logstash versions before 7.4.1 and 6.8.4 contain a denial of service flaw in the Logstash Beats input plugin.
network
low complexity
elastic
5.0
5.0
2019-03-25 CVE-2019-7612 Credentials Management vulnerability in multiple products
A sensitive data disclosure flaw was found in the way Logstash versions before 5.6.15 and 6.6.1 logs malformed URLs.
network
low complexity
elastic netapp CWE-255
5.0
5.0