Lucene search
GoogleOSV:DSA-3241-1HistoryApr 29, 2015 - 12:00 a.m.
elasticsearch - security update
2015-04-2900:00:00
Google
osv.dev
4
0.962 High
EPSS
Percentile
99.5%
John Heasman discovered that the site plugin handling of the
Elasticsearch search engine was susceptible to directory traversal.
For the stable distribution (jessie), this problem has been fixed in
version 1.0.3+dfsg-5+deb8u1.
For the unstable distribution (sid), this problem will be fixed soon.
We recommend that you upgrade your elasticsearch packages.
| CPE | Name | Operator | Version |
|---|---|---|---|
| elasticsearch | eq | 1.0.3+dfsg-5 |
References
Related
ubuntucve
ubuntucve
CVE-2015-3337
2015-05-01 00:00:00
nessus
nessus
freebsd
freebsd
elasticsearch -- directory traversal attack with site plugins
2015-04-27 00:00:00
osv
osv
Improper Limitation of a Pathname to a Restricted Directory in Elasticsearch
2022-05-17 04:12:25
openvas
openvas
Debian Security Advisory DSA 3241-1 (elasticsearch - security update)
2015-04-29 00:00:00
Debian: Security Advisory (DSA-3241-1)
2015-04-28 00:00:00
Elasticsearch Directory Traversal Vulnerability
2015-05-05 00:00:00
exploitpack
exploitpack
ElasticSearch 1.4.5 1.5.2 - Directory Traversal
2015-05-18 00:00:00
cvelist
cvelist
CVE-2015-3337
2015-05-01 15:00:00
github
github
Improper Limitation of a Pathname to a Restricted Directory in Elasticsearch
2022-05-17 04:12:25
securityvulns
securityvulns
Elasticsearch directory traversal
2015-05-05 00:00:00
Elasticsearch vulnerability CVE-2015-3337
2015-05-05 00:00:00
[SECURITY] [DSA 3241-1] elasticsearch security update
2015-05-05 00:00:00
debian
debian
[SECURITY] [DSA 3241-1] elasticsearch security update
2015-04-29 20:32:58
nuclei
nuclei
Elasticsearch - Local File Inclusion
2021-03-24 20:51:43
packetstorm
packetstorm
ElasticSearch Directory Traversal Proof Of Concept
2015-05-01 00:00:00
prion
prion
Directory traversal
2015-05-01 15:59:00
cve
cve
CVE-2015-3337
2015-05-01 15:59:06
nvd
nvd
CVE-2015-3337
2015-05-01 15:59:06
exploitdb
exploitdb
ElasticSearch < 1.4.5 / < 1.5.2 - Directory Traversal
2015-05-18 00:00:00