search

iomega / paired-data-form

Linking mas spectra and genomic information to discover new chemistry
https://pairedomicsdata.bioinformatics.nl
Apache License 2.0
5 stars 4 forks source link

Elastic Search - possible vulnerability #191

Closed justinjjvanderhooft closed 2 years ago

justinjjvanderhooft commented 2 years ago

Describe the bug Current version of elastic search seems to be unsafe. See email of WUR sys admin for further details:

Onder oplossen verstaan we : Uitzetten onveilige containers Verwijderen onveilige images Eventueel installeren en starten van veilige versie

De nieuwste versie van de officiele docker heeft het lek gedicht.

To Reproduce Steps to reproduce the behavior:

  1. Go to '...'
  2. Click on '....'
  3. Scroll down to '....'
  4. See error

Expected behavior A clear and concise description of what you expected to happen.

Screenshots If applicable, add screenshots to help explain your problem.

Desktop (please complete the following information):

Smartphone (please complete the following information):

Additional context Add any other context about the problem here.

justinjjvanderhooft commented 2 years ago

This is related to the log4j vulnerability (used within elastic search).

sverhoeven commented 2 years ago

I upgraded to https://github.com/elastic/elasticsearch/releases/tag/v7.16.2 which solves the log4j vulnerability.