VYPR

apk package

chainguard/elasticsearch-7-bitnami

pkg:apk/chainguard/elasticsearch-7-bitnami

Vulnerabilities (24)

  • CVE-2022-45146Nov 21, 2022
    affected < 7.17.15-r0fixed 7.17.15-r0

    An issue was discovered in the FIPS Java API of Bouncy Castle BC-FJA before 1.0.2.4. Changes to the JVM garbage collector in Java 13 and later trigger an issue in the BC-FJA FIPS modules where it is possible for temporary keys used by the module to be zeroed out while still in us

  • CVE-2021-40690Sep 19, 2021
    affected < 7.17.14-r2fixed 7.17.14-r2

    All versions of Apache Santuario - XML Security for Java prior to 2.2.3 and 2.1.7 are vulnerable to an issue where the "secureValidation" property is not passed correctly when creating a KeyInfo from a KeyInfoReference element. This allows an attacker to abuse an XPath Transform

  • CVE-2020-8908Dec 10, 2020
    affected < 0fixed 0

    A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir(). By default, on unix-like systems, the

  • CVE-2018-10237MedApr 26, 2018
    affected < 0fixed 0

    Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service attacks against servers that depend on this library and deserialize attacker-provided data, because the AtomicDoubleArray class (when serialized with J

Page 2 of 2