floragunn CVE 脆弱性と CVE 一覧(2)

製品(CPE): — CVE 件数: 2

floragunn 脆弱性概要

This page aggregates publicly disclosed CVE and security risk information related to floragunn, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.

脆弱性分布の推移(直近24か月)

表示中 12 / 2 CVE 件数
«« 先頭 « 前へ 1 / 1 次へ »
CVE 概要 ソース CVSS 最大値 EPSS(%) 公開 更新
CVE-2025-12148 In Search Guard versions 3.1.1 and earlier, Field Masking (FM) rules are improperly enforced on fields of type IP (IP Address). While the content of these fields is properly redacted in the _source document returned by search operations, the results do return documents (hits) when searching based on a specific IP values. This allows to reconstruct the original contents of the field. Workaround - If you cannot upgrade immediately, you can avoid the problem by using field level security (FLS) pr [email protected] 6.0 0.25% 2025-10-29 2026-06-17
CVE-2025-12147 In Search Guard FLX versions 3.1.1 and earlier, Field-Level Security (FLS) rules are improperly enforced on object-valued fields. When an FLS exclusion rule (e.g., ~field) is applied to a field which contains an object as its value, the object is correctly removed from the _source returned by search operations. However, the object members (i.e., child attributes) remain accessible to search queries. This exposure allows adversaries to infer or reconstruct the original contents of the excluded [email protected] 6.0 0.25% 2025-10-29 2026-06-17
«« 先頭 « 前へ 1 / 1 次へ »
cvelogic Threat Intelligence