Hi,
As per NVD, the Apache HttpClient4.5.10 and elasticsearch-rest-high-level-client-7.16.3 present in readonlyrest-1.39.0_es7.16.3.zip are vulnerable.
CVE numbers are as follows:
- CVE-2022-23708
- CVE-2020-13956
Please have a look into this
Hi,
As per NVD, the Apache HttpClient4.5.10 and elasticsearch-rest-high-level-client-7.16.3 present in readonlyrest-1.39.0_es7.16.3.zip are vulnerable.
CVE numbers are as follows:
Please have a look into this
Thanks @Sagarika. We now extended the automatic CVE check to Elasticsearch version dependent modules as well.
This is fixed in ROR 1.40.0