GHSA-3gg4-6hqg-2vjx
Suggest an improvement- Source
- https://github.com/advisories/GHSA-3gg4-6hqg-2vjx
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-3gg4-6hqg-2vjx/GHSA-3gg4-6hqg-2vjx.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-3gg4-6hqg-2vjx
- Aliases
-
- CVE-2016-10362
- Published
- 2022-05-13T01:38:50Z
- Modified
- 2024-02-16T08:20:31.858430Z
- Severity
-
- 6.5 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
- Summary
- Logstash Logs Sensitive Information
- Details
-
Prior to Logstash version 5.0.1, Elasticsearch Output plugin when updating connections after sniffing, would log to file HTTP basic auth credentials.
- Database specific
{ "nvd_published_at": "2017-06-16T21:29:00Z", "cwe_ids": [ "CWE-200" ], "severity": "MODERATE", "github_reviewed": true, "github_reviewed_at": "2023-07-28T21:30:09Z" }- References
Affected packages
RubyGems / logstash-core
Package
- Name
- logstash-core
- Purl
- pkg:gem/logstash-core
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.0.1
Affected versions
1.*
1.5.0.beta2
1.5.0.rc1
1.5.0.rc1.1
1.5.0.rc2.snapshot
1.5.0.rc2
1.5.0.rc3.snapshot1
1.5.0.rc3.snapshot2
1.5.0.rc3.snapshot3
1.5.0.rc3.snapshot4
1.5.0.rc3.snapshot5
1.5.0.rc3.snapshot6
1.5.0.rc3
1.5.0.rc4.snapshot1
1.5.0.rc4.snapshot2
1.5.0.rc4
1.5.0.snapshot1
1.5.0
1.5.1.snapshot1
1.5.1
1.5.2.snapshot1
1.5.2.snapshot2
1.5.2
1.5.2.1
1.5.2.2
1.5.3.snapshot1
1.5.3.snapshot2
1.5.3
1.5.4.snapshot1
1.5.4.snapshot2
1.5.4.snapshot3
1.5.4
1.5.5
1.5.6
2.*
2.0.0.beta1
2.0.0.beta2
2.0.0.beta3
2.0.0.rc1
2.0.0
2.0.1.snapshot1
2.0.1
2.1.0.snapshot1
2.1.0.snapshot2
2.1.0.snapshot3
2.1.0.snapshot4
2.1.0
2.1.1
2.1.2.snapshot1
2.1.2
2.1.3
2.2.0.snapshot2
2.2.0.snapshot3
2.2.0
2.2.1.snapshot1
2.2.1
2.2.2
2.2.3.snapshot2
2.2.3
2.2.4.snapshot1
2.2.4.snapshot2
2.2.4
2.3.0.snapshot1
2.3.0.snapshot3
2.3.0.snapshot4
2.3.0.snapshot5
2.3.0
2.3.1.snapshot1
2.3.1
2.3.2.snapshot1
2.3.2
2.3.3.snapshot1
2.3.3.snapshot2
2.3.3
2.3.4.snapshot1
2.3.4
2.4.0.snapshot1
2.4.0.snapshot2
2.4.0.snapshot3
2.4.0.snapshot4
2.4.0
2.4.1
5.*
5.0.0.alpha1.snapshot1
5.0.0.alpha1.snapshot2
5.0.0.alpha1
5.0.0.alpha2.snapshot1
5.0.0.alpha2.snapshot2
5.0.0.alpha2
5.0.0.alpha3.snapshot1
5.0.0.alpha3.snapshot2
5.0.0.alpha3.snapshot4
5.0.0.alpha3.snapshot5
5.0.0.alpha3.snapshot6
5.0.0.alpha3.snapshot7
5.0.0.alpha3.snapshot8
5.0.0.alpha3
5.0.0.alpha4.snapshot1
5.0.0.alpha4.snapshot2
5.0.0.alpha4.snapshot3
5.0.0.alpha5.snapshot1
5.0.0.alpha6.snapshot1
5.0.0.alpha6.snapshot2
5.0.0.alpha6.snapshot3
5.0.0.alpha6.snapshot4
5.0.0.alpha6.snapshot5
5.0.0.pre.beta1
5.0.0.pre.rc1
5.0.0