Skip to content
Merged
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
32 changes: 32 additions & 0 deletions gems/logstash-output-tcp/CVE-2025-37730.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
---
gem: logstash-output-tcp
cve: 2025-37730
ghsa: qrf7-ph5v-mj2v
url: https://nvd.nist.gov/vuln/detail/CVE-2025-37730
title: Improper certificate validation in Logstash's TCP output...
date: 2025-05-06
description: |
Improper certificate validation in Logstash's TCP output could lead
to a man-in-the-middle (MitM) attack in “client” mode, as hostname
verification in TCP output was not being performed when the
ssl_verification_mode => full was set.
cvss_v3: 6.5
patched_versions:
- "~> 6.2.2"
- ">= 7.0.1"
related:
url:
- https://nvd.nist.gov/vuln/detail/CVE-2025-37730
- https://rubygems.org/gems/logstash-output-tcp/versions/7.0.1
- https://rubygems.org/gems/logstash-output-tcp/versions/6.2.2
- https://github.com/logstash-plugins/logstash-output-tcp/blob/main/CHANGELOG.md#701
- https://github.com/logstash-plugins/logstash-output-tcp/pull/61
- https://github.com/logstash-plugins/logstash-output-tcp/commit/e32bd16a1d96cd0bc821fa4b93149934050f4040
- https://discuss.elastic.co/t/logstash-8-17-6-8-18-1-and-9-0-1-security-update-esa-2025-08/377869
- https://github.com/advisories/GHSA-qrf7-ph5v-mj2v
notes: |
- GHSA is unreviewed.
- Used cvss_v3 and date from nvs.nist.gov URL.
- Above discuss URL says "Alternatively, users may also
upgrade the TCP output plugin to 6.2.2 or 7.0.1 by running
bin/logstash-plugin update logstash-output-tcp."