Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
Multiple security issues fixed in Logstash FIPS package
CLEANSTART-2026-EW93264
Summary
The Logstash FIPS package has been updated to address several security vulnerabilities that could allow an attacker to exploit the system. These issues have been resolved in later versions of the package. To stay secure, upgrade to the latest version of Logstash FIPS.
What to do
- Update logstash-fips to version 9.3.0-r2.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| – | logstash-fips | <= 9.3.0-r2 | 9.3.0-r2 |
Original title
Security fixes for GHSA-4cx2-fc23-5wg6, GHSA-6xw4-3v39-52mm, GHSA-72qj-48g4-5xgx, GHSA-mr3q-g2mv-mr4q, GHSA-p543-xpfm-54cp, GHSA-vc5p-v9hr-52mj, GHSA-vqg5-3255-v292 applied in versions: 9.0.8-r2, 9.0.8-r3, 9.0.8-r4, 9.3.0-r1, 9.3.0-r2
Original description
Multiple security vulnerabilities affect the logstash-fips package. These issues are resolved in later releases. See references for individual vulnerability details.
- https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advis... Vendor Advisory
- https://osv.dev/vulnerability/GHSA-4cx2-fc23-5wg6 URL
- https://osv.dev/vulnerability/GHSA-6xw4-3v39-52mm URL
- https://osv.dev/vulnerability/GHSA-72qj-48g4-5xgx URL
- https://osv.dev/vulnerability/GHSA-mr3q-g2mv-mr4q URL
- https://osv.dev/vulnerability/GHSA-p543-xpfm-54cp URL
- https://osv.dev/vulnerability/GHSA-vc5p-v9hr-52mj URL
- https://osv.dev/vulnerability/GHSA-vqg5-3255-v292 URL
Published: 4 Mar 2026 · Updated: 13 Mar 2026 · First seen: 9 Mar 2026