Vulnerabilities in OpenSearch 2.19.3 Aqua Scan Report

Versions (relevant - OpenSearch/Dashboard/Server OS/Browser):

Describe the issue: We have found 2high, 17Medium and 2 low vulnerabilities in Aqua scan reports for OpenSearch 2.19.3. We have attached the screenshot of all vulnerable libraries. Could you please let us know how these vulnerabilities are exploitable and if these vulnerabilites are mitigated in future release.

Configuration:

Relevant Logs or Screenshots:

image2554×1408 410 KB

HI @SRAI315 ,

Thanks for sharing, I would suggest keeping an eye on the vulnerabilities and testing against later versions as they release. In addition you could open an issue on git and report your findings there so it doesn’t go unseen.

Leeroy.