📦 Opensearch Data Prepper

OpenSearch Data Prepper versions before 2.12.2 have a vulnerability where OpenSearch sink and source plugins automatically trust all SSL certificates when no certificate path is configured. This bypas...

CVE-2023-44487 is an HTTP/2 protocol vulnerability that allows attackers to cause denial of service by rapidly resetting streams, consuming server resources. This affects any system using HTTP/2, incl...

This vulnerability allows unauthorized users to ingest OpenTelemetry Logs data into OpenSearch Data Prepper when custom authentication plugins are improperly implemented. It affects Data Prepper versi...