Known Vulnerabilities for Search Guard by Search-guard
Listed below are 10 of the newest known vulnerabilities associated with "Search Guard" by "Search-guard".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-40319 json | Giskard is an open-source testing framework for AI models. In versions prior to 1.0.2b1, the RegexMatching check passes a use... | Not Provided | 2026-04-17 | 2026-04-17 |
| CVE-2026-4819 json | In Search Guard FLX versions from 1.0.0 up to 4.0.1, the audit logging feature might log user credentials from users logging ... | Not Provided | 2026-03-31 | 2026-03-31 |
| CVE-2026-4818 json | In Search Guard FLX versions from 3.0.0 up to 4.0.1, there exists an issue which allows users without the necessary privilege... | Not Provided | 2026-03-31 | 2026-03-31 |
| CVE-2026-4799 json | In Search Guard FLX up to version 4.0.1, it is possible to use specially crafted requests to redirect the user to an untruste... | Not Provided | 2026-03-31 | 2026-03-31 |
| CVE-2019-13423 json | Search Guard Kibana Plugin versions before 5.6.8-7 and before 6.x.y-12 had an issue that an authenticated Kibana user could i... | 8.8 - HIGH | 2019-08-23 | 2020-10-08 |
| CVE-2019-13422 json | Search Guard Kibana Plugin versions before 5.6.8-7 and before 6.x.y-12 had an issue that an attacker can redirect the user to... | 6.1 - MEDIUM | 2019-08-23 | 2019-10-09 |
| CVE-2019-13421 json | Search Guard versions before 23.1 had an issue that an administrative user is able to retrieve bcrypt password hashes of othe... | 4.9 - MEDIUM | 2019-08-23 | 2019-10-09 |
| CVE-2019-13420 json | Search Guard versions before 21.0 had an timing side channel issue when using the internal user database. | 5.9 - MEDIUM | 2019-08-13 | 2021-09-14 |
| CVE-2019-13419 json | Search Guard versions before 23.1 had an issue that for aggregations clear text values of anonymised fields were leaked. | 7.5 - HIGH | 2019-08-13 | 2019-10-09 |
| CVE-2019-13418 json | Search Guard versions before 24.0 had an issue that values of string arrays in documents are not properly anonymized. | 7.5 - HIGH | 2019-08-12 | 2023-03-02 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Search-guard | Search Guard | 6.5.3-16 | |||
| Application | Search-guard | Search Guard | 6.5.1-16 | |||
| Application | Search-guard | Search Guard | 6.4.3-16 | |||
| Application | Search-guard | Search Guard | 6.4.2-16 | |||
| Application | Search-guard | Search Guard | 6.4.1-16 | |||
| Application | Search-guard | Search Guard | 6.4.0-16 | |||
| Application | Search-guard | Search Guard | 6.4.0-15 | |||
| Application | Search-guard | Search Guard | 6.3.2-16 | |||
| Application | Search-guard | Search Guard | 6.3.2-15 | |||
| Application | Search-guard | Search Guard | 6.3.2-14 | |||
| Application | Search-guard | Search Guard | 6.3.1-16 | |||
| Application | Search-guard | Search Guard | 6.3.1-15 | |||
| Application | Search-guard | Search Guard | 6.3.1-14 | |||
| Application | Search-guard | Search Guard | 6.3.0-16 | |||
| Application | Search-guard | Search Guard | 6.3.0-14 | |||
| Application | Search-guard | Search Guard | 6.2.4-15 | |||
| Application | Search-guard | Search Guard | 6.2.4-14 | |||
| Application | Search-guard | Search Guard | 6.2.3-15 | |||
| Application | Search-guard | Search Guard | 6.2.3-14 | |||
| Application | Search-guard | Search Guard | 6.2.3-12 |