Created
November 17, 2022 02:15
-
-
Save pdxjohnny/81977fa3effe189146bfbcfe04ed5fc8 to your computer and use it in GitHub Desktop.
intel/cve-bin-tool: tests: add tests for NVD 2.0 API: https://github.com/intel/cve-bin-tool/issues/2334#issuecomment-1315643093: https://github.com/intel/dffml/discussions/1406?sort=new#discussioncomment-4146655
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "includeMatchStringChange": "true", | |
| "modEndDate": "2022-11-17T02:10:50:352 UTC-00:00", | |
| "modStartDate": "2022-11-15T02:08:50:348 UTC-00:00", | |
| "resultsPerPage": 2000, | |
| "startIndex": 2000 | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "result": { | |
| "CVE_Items": [], | |
| "CVE_data_format": "MITRE", | |
| "CVE_data_timestamp": "2022-11-16T18:10Z", | |
| "CVE_data_type": "CVE", | |
| "CVE_data_version": "4.0" | |
| }, | |
| "resultsPerPage": 2000, | |
| "startIndex": 2001, | |
| "totalResults": 10 | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "includeMatchStringChange": "true", | |
| "modEndDate": "2022-11-17T02:12:55:021 UTC-00:00", | |
| "modStartDate": "2022-11-15T02:10:55:017 UTC-00:00", | |
| "resultsPerPage": 2000, | |
| "startIndex": 0 | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "result": { | |
| "CVE_Items": [ | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| } | |
| ], | |
| "CVE_data_format": "MITRE", | |
| "CVE_data_timestamp": "2022-11-16T18:12Z", | |
| "CVE_data_type": "CVE", | |
| "CVE_data_version": "4.0" | |
| }, | |
| "resultsPerPage": 2000, | |
| "startIndex": 1, | |
| "totalResults": 10 | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "lastModEndDate": "2022-11-17T02:11:45:962", | |
| "lastModStartDate": "2022-11-15T02:09:45:958", | |
| "resultsPerPage": 2000, | |
| "startIndex": 0 | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "result": { | |
| "CVE_Items": [ | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| } | |
| ], | |
| "CVE_data_format": "MITRE", | |
| "CVE_data_timestamp": "2022-11-16T18:11Z", | |
| "CVE_data_type": "CVE", | |
| "CVE_data_version": "4.0" | |
| }, | |
| "resultsPerPage": 2000, | |
| "startIndex": 1, | |
| "totalResults": 10 | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "includeMatchStringChange": "true", | |
| "modEndDate": "2022-11-17T02:02:50:558 UTC-00:00", | |
| "modStartDate": "2022-11-15T02:00:50:553 UTC-00:00", | |
| "resultsPerPage": 2000, | |
| "startIndex": 2000 | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "result": { | |
| "CVE_Items": [], | |
| "CVE_data_format": "MITRE", | |
| "CVE_data_timestamp": "2022-11-16T18:02Z", | |
| "CVE_data_type": "CVE", | |
| "CVE_data_version": "4.0" | |
| }, | |
| "resultsPerPage": 2000, | |
| "startIndex": 2001, | |
| "totalResults": 10 | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "includeMatchStringChange": "true", | |
| "modEndDate": "2022-11-17T02:07:52:879 UTC-00:00", | |
| "modStartDate": "2022-11-15T02:05:52:875 UTC-00:00", | |
| "resultsPerPage": 2000, | |
| "startIndex": 2000 | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "result": { | |
| "CVE_Items": [], | |
| "CVE_data_format": "MITRE", | |
| "CVE_data_timestamp": "2022-11-16T18:07Z", | |
| "CVE_data_type": "CVE", | |
| "CVE_data_version": "4.0" | |
| }, | |
| "resultsPerPage": 2000, | |
| "startIndex": 2001, | |
| "totalResults": 10 | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "includeMatchStringChange": "true", | |
| "modEndDate": "2022-11-17T02:07:52:879 UTC-00:00", | |
| "modStartDate": "2022-11-15T02:05:52:875 UTC-00:00", | |
| "resultsPerPage": 2000, | |
| "startIndex": 0 | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "result": { | |
| "CVE_Items": [ | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| } | |
| ], | |
| "CVE_data_format": "MITRE", | |
| "CVE_data_timestamp": "2022-11-16T18:07Z", | |
| "CVE_data_type": "CVE", | |
| "CVE_data_version": "4.0" | |
| }, | |
| "resultsPerPage": 2000, | |
| "startIndex": 1, | |
| "totalResults": 10 | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "includeMatchStringChange": "true", | |
| "modEndDate": "2022-11-17T02:11:45:943 UTC-00:00", | |
| "modStartDate": "2022-11-15T02:09:45:938 UTC-00:00", | |
| "resultsPerPage": 2000, | |
| "startIndex": 2000 | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "result": { | |
| "CVE_Items": [], | |
| "CVE_data_format": "MITRE", | |
| "CVE_data_timestamp": "2022-11-16T18:11Z", | |
| "CVE_data_type": "CVE", | |
| "CVE_data_version": "4.0" | |
| }, | |
| "resultsPerPage": 2000, | |
| "startIndex": 2001, | |
| "totalResults": 10 | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "includeMatchStringChange": "true", | |
| "modEndDate": "2022-11-17T02:02:50:558 UTC-00:00", | |
| "modStartDate": "2022-11-15T02:00:50:553 UTC-00:00", | |
| "resultsPerPage": 2000, | |
| "startIndex": 0 | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "result": { | |
| "CVE_Items": [ | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| } | |
| ], | |
| "CVE_data_format": "MITRE", | |
| "CVE_data_timestamp": "2022-11-16T18:02Z", | |
| "CVE_data_type": "CVE", | |
| "CVE_data_version": "4.0" | |
| }, | |
| "resultsPerPage": 2000, | |
| "startIndex": 1, | |
| "totalResults": 10 | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "lastModEndDate": "2022-11-17T02:07:52:898", | |
| "lastModStartDate": "2022-11-15T02:05:52:894", | |
| "resultsPerPage": 2000, | |
| "startIndex": 0 | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "result": { | |
| "CVE_Items": [ | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| } | |
| ], | |
| "CVE_data_format": "MITRE", | |
| "CVE_data_timestamp": "2022-11-16T18:07Z", | |
| "CVE_data_type": "CVE", | |
| "CVE_data_version": "4.0" | |
| }, | |
| "resultsPerPage": 2000, | |
| "startIndex": 1, | |
| "totalResults": 10 | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "includeMatchStringChange": "true", | |
| "modEndDate": "2022-11-17T02:12:55:021 UTC-00:00", | |
| "modStartDate": "2022-11-15T02:10:55:017 UTC-00:00", | |
| "resultsPerPage": 2000, | |
| "startIndex": 2000 | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "result": { | |
| "CVE_Items": [], | |
| "CVE_data_format": "MITRE", | |
| "CVE_data_timestamp": "2022-11-16T18:12Z", | |
| "CVE_data_type": "CVE", | |
| "CVE_data_version": "4.0" | |
| }, | |
| "resultsPerPage": 2000, | |
| "startIndex": 2001, | |
| "totalResults": 10 | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "includeMatchStringChange": "true", | |
| "modEndDate": "2022-11-17T02:10:06:501 UTC-00:00", | |
| "modStartDate": "2022-11-15T02:08:06:497 UTC-00:00", | |
| "resultsPerPage": 2000, | |
| "startIndex": 2000 | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "result": { | |
| "CVE_Items": [], | |
| "CVE_data_format": "MITRE", | |
| "CVE_data_timestamp": "2022-11-16T18:10Z", | |
| "CVE_data_type": "CVE", | |
| "CVE_data_version": "4.0" | |
| }, | |
| "resultsPerPage": 2000, | |
| "startIndex": 2001, | |
| "totalResults": 10 | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "includeMatchStringChange": "true", | |
| "modEndDate": "2022-11-17T02:10:06:501 UTC-00:00", | |
| "modStartDate": "2022-11-15T02:08:06:497 UTC-00:00", | |
| "resultsPerPage": 2000, | |
| "startIndex": 0 | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "result": { | |
| "CVE_Items": [ | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| } | |
| ], | |
| "CVE_data_format": "MITRE", | |
| "CVE_data_timestamp": "2022-11-16T18:10Z", | |
| "CVE_data_type": "CVE", | |
| "CVE_data_version": "4.0" | |
| }, | |
| "resultsPerPage": 2000, | |
| "startIndex": 1, | |
| "totalResults": 10 | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "includeMatchStringChange": "true", | |
| "modEndDate": "2022-11-17T02:11:45:943 UTC-00:00", | |
| "modStartDate": "2022-11-15T02:09:45:938 UTC-00:00", | |
| "resultsPerPage": 2000, | |
| "startIndex": 0 | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "result": { | |
| "CVE_Items": [ | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| } | |
| ], | |
| "CVE_data_format": "MITRE", | |
| "CVE_data_timestamp": "2022-11-16T18:11Z", | |
| "CVE_data_type": "CVE", | |
| "CVE_data_version": "4.0" | |
| }, | |
| "resultsPerPage": 2000, | |
| "startIndex": 1, | |
| "totalResults": 10 | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "includeMatchStringChange": "true", | |
| "modEndDate": "2022-11-17T02:10:50:352 UTC-00:00", | |
| "modStartDate": "2022-11-15T02:08:50:348 UTC-00:00", | |
| "resultsPerPage": 2000, | |
| "startIndex": 0 | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "result": { | |
| "CVE_Items": [ | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| } | |
| ], | |
| "CVE_data_format": "MITRE", | |
| "CVE_data_timestamp": "2022-11-16T18:10Z", | |
| "CVE_data_type": "CVE", | |
| "CVE_data_version": "4.0" | |
| }, | |
| "resultsPerPage": 2000, | |
| "startIndex": 1, | |
| "totalResults": 10 | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "lastModEndDate": "2022-11-17T02:10:50:373", | |
| "lastModStartDate": "2022-11-15T02:08:50:368", | |
| "resultsPerPage": 2000, | |
| "startIndex": 0 | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "result": { | |
| "CVE_Items": [ | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| } | |
| ], | |
| "CVE_data_format": "MITRE", | |
| "CVE_data_timestamp": "2022-11-16T18:10Z", | |
| "CVE_data_type": "CVE", | |
| "CVE_data_version": "4.0" | |
| }, | |
| "resultsPerPage": 2000, | |
| "startIndex": 1, | |
| "totalResults": 10 | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "lastModEndDate": "2022-11-17T02:10:06:521", | |
| "lastModStartDate": "2022-11-15T02:08:06:517", | |
| "resultsPerPage": 2000, | |
| "startIndex": 0 | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "result": { | |
| "CVE_Items": [ | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| }, | |
| { | |
| "configurations": { | |
| "CVE_data_version": "4.0", | |
| "nodes": [] | |
| }, | |
| "cve": { | |
| "CVE_data_meta": { | |
| "ASSIGNER": "security-advisories@github.com", | |
| "ID": "CVE-2022-41917" | |
| }, | |
| "data_format": "MITRE", | |
| "data_type": "CVE", | |
| "data_version": "4.0", | |
| "description": { | |
| "description_data": [ | |
| { | |
| "lang": "en", | |
| "value": "OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a response containing the first line of text from arbitrary files. The list of potentially impacted files is limited to text files with read permissions allowed in the Java Security Manager policy configuration. OpenSearch version 1.3.7 and 2.4.0 contain a fix for this issue. Users are advised to upgrade. There are no known workarounds for this issue." | |
| } | |
| ] | |
| }, | |
| "problemtype": { | |
| "problemtype_data": [ | |
| { | |
| "description": [] | |
| } | |
| ] | |
| }, | |
| "references": { | |
| "reference_data": [ | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx", | |
| "refsource": "CONFIRM", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/security/advisories/GHSA-w3rx-m34v-wrqx" | |
| }, | |
| { | |
| "name": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0", | |
| "refsource": "MISC", | |
| "tags": [], | |
| "url": "https://github.com/opensearch-project/OpenSearch/commit/6d20423f5920745463b1abc5f1daf6a786c41aa0" | |
| } | |
| ] | |
| } | |
| }, | |
| "impact": {}, | |
| "lastModifiedDate": "2022-11-16T00:15Z", | |
| "publishedDate": "2022-11-16T00:15Z" | |
| } | |
| ], | |
| "CVE_data_format": "MITRE", | |
| "CVE_data_timestamp": "2022-11-16T18:10Z", | |
| "CVE_data_type": "CVE", | |
| "CVE_data_version": "4.0" | |
| }, | |
| "resultsPerPage": 2000, | |
| "startIndex": 1, | |
| "totalResults": 10 | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "lastModEndDate": "2022-11-17T02:11:45:962", | |
| "lastModStartDate": "2022-11-15T02:09:45:958", | |
| "resultsPerPage": 2000, | |
| "startIndex": 2000 | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "result": { | |
| "CVE_Items": [], | |
| "CVE_data_format": "MITRE", | |
| "CVE_data_timestamp": "2022-11-16T18:11Z", | |
| "CVE_data_type": "CVE", | |
| "CVE_data_version": "4.0" | |
| }, | |
| "resultsPerPage": 2000, | |
| "startIndex": 2001, | |
| "totalResults": 10 | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "created": "2022-11-16T18:12.000+00:00", | |
| "dailyCounts": null, | |
| "error": null, | |
| "grid": null, | |
| "inVsOutCounts": null, | |
| "message": null, | |
| "metric": null, | |
| "params": null, | |
| "remainingVulnCounts": null, | |
| "title": null, | |
| "userActivityCountsMap": null, | |
| "vulnPeriodicCounts": null, | |
| "vulnsByScoreCounts": null, | |
| "vulnsByStatusCounts": [ | |
| { | |
| "count": 0, | |
| "description": "All CVEs that have been modified by the submission source after analysis and have not yet be re-analyzed.", | |
| "endDate": null, | |
| "name": "Modified", | |
| "startDate": null | |
| }, | |
| { | |
| "count": 0, | |
| "description": "All CVEs that have been rejected by the submission source.", | |
| "endDate": null, | |
| "name": "Rejected", | |
| "startDate": null | |
| }, | |
| { | |
| "count": 0, | |
| "description": "All CVEs waiting for acceptance.", | |
| "endDate": null, | |
| "name": "Received", | |
| "startDate": null | |
| }, | |
| { | |
| "count": 10, | |
| "description": "All CVEs known by service.", | |
| "endDate": null, | |
| "name": "Total", | |
| "startDate": null | |
| }, | |
| { | |
| "count": 0, | |
| "description": "All CVEs currently being analyzed.", | |
| "endDate": null, | |
| "name": "Undergoing Analysis", | |
| "startDate": null | |
| }, | |
| { | |
| "count": 0, | |
| "description": "All CVEs in queue for analysis.", | |
| "endDate": null, | |
| "name": "Awaiting Analysis", | |
| "startDate": null | |
| } | |
| ], | |
| "xAxisTicks": null | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "resultsPerPage": 1, | |
| "startIndex": 0 | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "format": "NVD_CVE", | |
| "resultsPerPage": 1, | |
| "startIndex": 0, | |
| "timestamp": "2022-11-17T02:12:55.517", | |
| "totalResults": 200005, | |
| "version": "2.0", | |
| "vulnerabilities": [ | |
| { | |
| "cve": { | |
| "configurations": [ | |
| { | |
| "nodes": [ | |
| { | |
| "cpeMatch": [ | |
| { | |
| "criteria": "cpe:2.3:a:eric_allman:sendmail:5.58:*:*:*:*:*:*:*", | |
| "matchCriteriaId": "1D07F493-9C8D-44A4-8652-F28B46CBA27C", | |
| "vulnerable": true | |
| } | |
| ], | |
| "negate": false, | |
| "operator": "OR" | |
| } | |
| ] | |
| } | |
| ], | |
| "descriptions": [ | |
| { | |
| "lang": "en", | |
| "value": "The debug command in Sendmail is enabled, allowing attackers to execute commands as root." | |
| }, | |
| { | |
| "lang": "es", | |
| "value": "El comando de depuraci\u00f3n de Sendmail est\u00e1 activado, permitiendo a atacantes ejecutar comandos como root." | |
| } | |
| ], | |
| "id": "CVE-1999-0095", | |
| "lastModified": "2019-06-11T20:29:00.263", | |
| "metrics": { | |
| "cvssMetricV2": [ | |
| { | |
| "acInsufInfo": false, | |
| "cvssData": { | |
| "accessComplexity": "LOW", | |
| "accessVector": "NETWORK", | |
| "authentication": "NONE", | |
| "availabilityImpact": "COMPLETE", | |
| "baseScore": 10.0, | |
| "baseSeverity": "HIGH", | |
| "confidentialityImpact": "COMPLETE", | |
| "integrityImpact": "COMPLETE", | |
| "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", | |
| "version": "2.0" | |
| }, | |
| "exploitabilityScore": 10.0, | |
| "impactScore": 10.0, | |
| "obtainAllPrivilege": true, | |
| "obtainOtherPrivilege": false, | |
| "obtainUserPrivilege": false, | |
| "source": "nvd@nist.gov", | |
| "type": "Primary", | |
| "userInteractionRequired": false | |
| } | |
| ] | |
| }, | |
| "published": "1988-10-01T04:00:00.000", | |
| "references": [ | |
| { | |
| "source": "cve@mitre.org", | |
| "url": "http://seclists.org/fulldisclosure/2019/Jun/16" | |
| }, | |
| { | |
| "source": "cve@mitre.org", | |
| "url": "http://www.openwall.com/lists/oss-security/2019/06/05/4" | |
| }, | |
| { | |
| "source": "cve@mitre.org", | |
| "url": "http://www.openwall.com/lists/oss-security/2019/06/06/1" | |
| }, | |
| { | |
| "source": "cve@mitre.org", | |
| "url": "http://www.securityfocus.com/bid/1" | |
| } | |
| ], | |
| "sourceIdentifier": "cve@mitre.org", | |
| "vulnStatus": "Modified", | |
| "weaknesses": [ | |
| { | |
| "description": [ | |
| { | |
| "lang": "en", | |
| "value": "NVD-CWE-Other" | |
| } | |
| ], | |
| "source": "nvd@nist.gov", | |
| "type": "Primary" | |
| } | |
| ] | |
| } | |
| } | |
| ] | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment