If you discover a potential security issue in this project we ask that you notify AWS/Amazon Security via our vulnerability reporting page or directly via email to aws-security@amazon.com. Please do not create a public GitHub issue.
Security: opensearch-project/security
Security
SECURITY.md
-
OpenSearch uncontrolled resource consumptionGHSA-8wx3-324g-w4qq published
Oct 16, 2023 by CEHENKLEHigh -
OpenSearch Issue with tenant read-only permissionsGHSA-72q2-gwwf-6hrv published
Oct 16, 2023 by CEHENKLEModerate -
Time discrepancy in authentication responsesGHSA-c6wg-cm5x-rqvj published
Feb 28, 2023 by CEHENKLEModerate -
Issue with fine-grained access control during extremely rare race conditionsGHSA-g8xc-6mf7-h28h published
May 8, 2023 by bbaraniModerate -
Issue with whitespace in JWT rolesGHSA-864v-6qj7-62qj published
Jan 24, 2023 by CEHENKLEModerate -
Issue with fine-grained access control of indices backing data streamsGHSA-wmx7-x4jp-9jgg published
Nov 15, 2022 by CEHENKLEModerate -
Field-level security issue with .keyword fieldsGHSA-v3cg-7r9h-r2g6 published
Jan 24, 2023 by CEHENKLEModerate -
Improper Authorization of Index Containing Sensitive Information in OpenSearchGHSA-f4qr-f4xx-hjxw published
Aug 12, 2022 by peterniedHigh
Learn more about advisories related to opensearch-project/security in the GitHub Advisory Database