CVE-2016-1000222
- EPSS 0.35%
- Veröffentlicht 16.06.2017 21:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Logstash prior to version 2.1.2, the CSV output can be attacked via engineered input that will create malicious formulas in the CSV data.
CVE-2016-10363
- EPSS 0.6%
- Veröffentlicht 16.06.2017 21:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Logstash versions prior to 2.3.3, when using the Netflow Codec plugin, a remote attacker crafting malicious Netflow v5, Netflow v9 or IPFIX packets could perform a denial of service attack on the Logstash instance. The errors resulting from these cra...
CVE-2015-4152
- EPSS 0.63%
- Veröffentlicht 15.06.2015 15:59:11
- Zuletzt bearbeitet 06.05.2026 22:30:45
Directory traversal vulnerability in the file output plugin in Elasticsearch Logstash before 1.4.3 allows remote attackers to write to arbitrary files via vectors related to dynamic field references in the path option.
CVE-2014-4326
- EPSS 0.88%
- Veröffentlicht 22.07.2014 14:55:09
- Zuletzt bearbeitet 06.05.2026 22:30:45
Elasticsearch Logstash 1.0.14 through 1.4.x before 1.4.2 allows remote attackers to execute arbitrary commands via a crafted event in (1) zabbix.rb or (2) nagios_nsca.rb in outputs/.