Some vulnerabilities in Elasticsearch v7.10.0 x-pack, Elasticsearch sql cli 7.10.0, plugin cli, security cli

Hi,

There are some Vulnerabilities in Elasticsearch 7.10.0 version.
Some vulnerabilities in Elasticsearch v7.10.0 x-pack, Elasticsearch sql cli 7.10.0, plugin cli, security cli.

While installing Elasticsearch all of the above modules like x-pack-core, x-pack-security, x-pack-ml, x-pack-watcher, Elasticsearch sql cli 7.10.0, plugin cli, security cli also getting installed which shows some Vulnerabilities.

Is there a way to remove these package if they are not used in project or any way we can upgrade these components?

These are the Vulnerabilities links:
NVD - CVE-2020-13956
NVD - CVE-2021-40690
NVD - CVE-2020-15522
NVD - CVE-2018-1000613
NVD - CVE-2020-28052
NVD - CVE-2020-15522
NVD - CVE-2019-7611

Thanks

I would recommend you upgrade to version 7.16.2 and check there.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.