Elastic Logstash
15 CVEs affecting Elastic Logstash. Latest disclosed: 2026-04-08. Critical: 0, High: 6.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-46672 | High | 8.4 | 2023-11-15 | An issue was identified by Elastic whereby sensitive information is recorded in Logstash logs under specific circumstances. The prerequisites for the manifest… |
CVE-2026-33466 | High | 8.1 | 2026-04-08 | Improper Limitation of a Pathname to a Restricted Directory (CWE-22) in Logstash can lead to arbitrary file write and potentially remote code execution via Rel… |
CVE-2015-5378 | High | 7.5 | 2017-06-27 | Logstash 1.5.x before 1.5.3 and 1.4.x before 1.4.4 allows remote attackers to read communications between Logstash Forwarder agent and Logstash server. |
CVE-2016-10363 | High | 7.5 | 2017-06-16 | Logstash versions prior to 2.3.3, when using the Netflow Codec plugin, a remote attacker crafting malicious Netflow v5, Netflow v9 or IPFIX packets could perfo… |
CVE-2016-1000222 | High | 7.5 | 2017-06-16 | Logstash prior to version 2.1.2, the CSV output can be attacked via engineered input that will create malicious formulas in the CSV data. |
CVE-2016-1000221 | High | 7.5 | 2017-06-16 | Logstash prior to version 2.3.4, Elasticsearch Output plugin would log to file HTTP authorization headers which could contain sensitive information. |
CVE-2025-37730 | Medium | 6.5 | 2025-05-06 | Improper certificate validation in Logstash's TCP output could lead to a man-in-the-middle (MitM) attack in “client” mode, as hostname verification in TCP outp… |
CVE-2016-10362 | Medium | 6.5 | 2017-06-16 | Prior to Logstash version 5.0.1, Elasticsearch Output plugin when updating connections after sniffing, would log to file HTTP basic auth credentials. |
CVE-2015-5619 | Medium | 5.9 | 2017-08-09 | Logstash 1.4.x before 1.4.5 and 1.5.x before 1.5.4 with Lumberjack output or the Logstash forwarder does not validate SSL/TLS certificates from the Logstash se… |
CVE-2019-7620 | | 2019-10-30 | Logstash versions before 7.4.1 and 6.8.4 contain a denial of service flaw in the Logstash Beats input plugin. An unauthenticated user who is able to connect to… | |
CVE-2019-7613 | | 2019-03-25 | Winlogbeat versions before 5.6.16 and 6.6.2 had an insufficient logging flaw. An attacker able to inject certain characters into a log entry could prevent Winl… | |
CVE-2019-7612 | | 2019-03-25 | A sensitive data disclosure flaw was found in the way Logstash versions before 5.6.15 and 6.6.1 logs malformed URLs. If a malformed URL is specified as part of… | |
CVE-2018-3817 | | 2018-03-30 | When logging warnings regarding deprecated settings, Logstash before 5.6.6 and 6.x before 6.1.2 could inadvertently log sensitive information. | |
CVE-2015-4152 | | 2015-06-15 | Directory traversal vulnerability in the file output plugin in Elasticsearch Logstash before 1.4.3 allows remote attackers to write to arbitrary files via vect… | |
CVE-2014-4326 | | 2014-07-22 | Elasticsearch Logstash 1.0.14 through 1.4.x before 1.4.2 allows remote attackers to execute arbitrary commands via a crafted event in (1) zabbix.rb or (2) nagi… |