Closed deepagkanaka closed 8 months ago
Describe the bug Following security items exists in opensearchproject/logstash-oss-with-opensearch-output-plugin [8.4.0]
<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:x="urn:schemas-microsoft-com:office:excel" xmlns="http://www.w3.org/TR/REC-html40">
Describe the bug Following security items exists in opensearchproject/logstash-oss-with-opensearch-output-plugin [8.4.0]
<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:x="urn:schemas-microsoft-com:office:excel" xmlns="http://www.w3.org/TR/REC-html40">
Component | Version | CVE | Fixed in -- | -- | -- | -- bundler | 2.2.29 | CVE-2021-43809 | org.yaml_snakeyaml | 1.3 | CVE-2022-25857 | 1.31 org.yaml_snakeyaml | 1.28 | CVE-2022-25857 | 1.31 org.yaml_snakeyaml | 1.18 | CVE-2017-18640 | 1.26 org.yaml_snakeyaml | 1.18 | CVE-2022-25857 | 1.31 com.fasterxml.jackson.core_jackson-databind | 2.9.10.8 | CVE-2020-36518 | 2.12.6.1, 2.13.2.1 io.netty_netty-all | 4.1.65 | CVE-2021-37136 | 4.1.68 io.netty_netty-all | 4.1.65 | CVE-2021-37137 | 4.1.68 com.google.code.gson_gson | 2.8.5 | CVE-2022-25647 | 2.8.9 go | 1.19 | CVE-2022-32190 | go | 1.19 | CVE-2022-27664 | 1.19.1, 1.18.6