DirectorySecurity Advisories
Sign In
Security Advisories

CGA-2frj-j5q4-9hqq

Published

Last updated

https://images.chainguard.dev/security/CGA-2frj-j5q4-9hqq
Package

elasticsearch-8

Latest Update
Under investigation
Aliases
  • CVE-2020-9488
  • GHSA-vwqq-5vrc-xw9h

Severity

3.7

Low

CVSS V3

Summary

Improper validation of certificate with host mismatch in Apache Log4j SMTP appender

Description

Improper validation of certificate with host mismatch in Apache Log4j SMTP appender prior to version 2.13.2. This could allow an SMTPS connection to be intercepted by a man-in-the-middle attack which could leak any log messages sent through that appender.

References

Updates

Safe Source for Open Sourceâ„¢
Media KitContact Us
© 2024 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Product

Chainguard Images

Why Chainguard

Container Image SecurityVulnerability RemediationCompliance and Risk MitigationSoftware Supply Chain SecurityAI/ML Security

Customers

Customer StoriesChainguard Love

Company

About UsPricingOpen SourceCareersNewsroomLegal

Resources

Unchained BlogEventsTrust CenterDocumentation