We are releasing today a new security bug fix release for Search Guard 53. It fixes a security issue which affects only users who are using document level security (DLS).
A flaw was discovered in the DLS implementation where single attributes values could be exposed to a user, even if the user does not have privileges to access documents containing these attribute values.
Search Guard (®) is an Elasticsearch plugin that offers encryption, authentication, and authorization.
Coded with love in Berlin, Denmark, Sweden, Italy, Ukraine and the US.
Search Guard is a trademark of floragunn GmbH, registered in the U.S. and in other countries.
Elasticsearch, Kibana, Logstash, and Beats are trademarks of Elasticsearch BV, registered in the U.S. and in other countries.