VYPR

RubyGems package

opensearch-ruby

pkg:gem/opensearch-ruby

Vulnerabilities (1)

  • CVE-2022-31115 (Jun 30, 2022)
    affected >= 2.0.0, < 2.0.2; fixed 2.0.2

    opensearch-ruby is a community-driven, open source fork of elasticsearch-ruby. In versions prior to 2.0.1, the Ruby `YAML.load` function was used instead of `YAML.safe_load`. As a result, opensearch-ruby 2.0.0 and prior can lead to unsafe deserialization using `YAML.load` if the resp