github.com/elastic/beats/v7
Go4 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting github.com/elastic/beats/v7page 1 of 1
- CVE-2023-49922MEDIUMCVSS 6.5EG 6.8✓ Fixed in 7.17.162023-12-12
An issue was discovered by Elastic whereby Beats and Elastic Agent would log a raw event in its own logs at the WARN or ERROR level if ingesting that event to Elasticsearch failed with any 4xx HTTP status code except 409 or 429. Depending …
- CVE-2025-68383MEDIUMCVSS 6.5EG 6.5✓ Fixed in 7.0.0-alpha2.0.20251204214633-dd3af18220bf2025-12-18
Improper Validation of Specified Index, Position, or Offset in Input (CWE-1285) in Filebeat Syslog parser and the Libbeat Dissect processor can allow a user to trigger a Buffer Overflow (CAPEC-100) and cause a denial of service (panic/cras…
- CVE-2025-68388MEDIUMCVSS 5.3EG 5.3✓ Fixed in 7.0.0-alpha2.0.20251209162832-28cfc80d2f4e2025-12-18
Allocation of resources without limits or throttling (CWE-770) allows an unauthenticated remote attacker to cause excessive allocation (CAPEC-130) of memory and CPU via the integration of malicious IPv4 fragments, leading to a degradation …
- CVE-2026-0528MEDIUMCVSS 6.5EG 6.5✓ Fixed in 7.0.0-alpha2.0.20251217054608-6e42552a23ce2026-01-13
Improper Validation of Array Index (CWE-129) exists in Metricbeat can allow an attacker to cause a Denial of Service through Input Data Manipulation (CAPEC-153) via specially crafted, malformed payloads sent to the Graphite server metricse…
Check whether github.com/elastic/beats/v7 is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for github.com/elastic/beats/v7 CVEs against the assets you own.
Start Free Scan →