CVE List

CVE-2019-7614

Moderate 5.9

A race condition flaw was found in the response headers Elasticsearch versions before 7.2.1 and 6.8.2 returns to a request. On a system with multiple users submitting requests, it could be possible for an attacker to gain access to response header containing sensitive data from another user.

Published July 31, 2019.

Affected software

Get alerts for Elastic Elasticsearch

Reference links