From 492cdd7ca9a9a98738db20590ca30bc711d00121 Mon Sep 17 00:00:00 2001
From: Al Snow
Date: Tue, 15 Apr 2025 08:46:51 -0400
Subject: [PATCH] GHSA SYNC: 2 brand new advisories
---
 gems/logstash-event/CVE-2014-4326.yml | 23 +++++++++++++++++++++++
 gems/logstash/CVE-2014-4326.yml | 23 +++++++++++++++++++++++
 2 files changed, 46 insertions(+)
 create mode 100644 gems/logstash-event/CVE-2014-4326.yml
 create mode 100644 gems/logstash/CVE-2014-4326.yml
diff --git a/gems/logstash-event/CVE-2014-4326.yml b/gems/logstash-event/CVE-2014-4326.yml
new file mode 100644
index 0000000000..99452c654a
--- /dev/null
+++ b/gems/logstash-event/CVE-2014-4326.yml
@@ -0,0 +1,23 @@
+---
+gem: logstash-event
+cve: 2014-4326
+ghsa: 8qhq-rq4j-8prj
+url: https://www.elastic.co/community/security
+title: Elasticsearch Logstash allows remote attackers to execute arbitrary commands
+date: 2022-05-14
+description: |
+  Elasticsearch Logstash 1.0.14 through 1.4.x before 1.4.2 allows
+ remote attackers to execute arbitrary commands via a crafted
+ event in (1) `zabbix.rb` or (2) `nagios_nsca.rb` in `outputs/`.
+cvss_v2: 7.5
+unaffected_versions:
+ - "< 1.0.14"
+patched_versions:
+ - ">= 1.4.2"
+related:
+ url:
+ - https://nvd.nist.gov/vuln/detail/CVE-2014-4326
+ - https://www.elastic.co/community/security
+ - https://web.archive.org/web/20140804031140/http://www.elasticsearch.org/blog/logstash-1-4-2
+ - https://web.archive.org/web/20201207013408/http://www.securityfocus.com/archive/1/532841/100/0/threaded
+ - https://github.com/advisories/GHSA-8qhq-rq4j-8prj
diff --git a/gems/logstash/CVE-2014-4326.yml b/gems/logstash/CVE-2014-4326.yml
new file mode 100644
index 0000000000..0164cdcba3
--- /dev/null
+++ b/gems/logstash/CVE-2014-4326.yml
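Review bot: The description in this hunk places the vulnerable code in `zabbix.rb` and `nagios_nsca.rb` under `outputs/`, and nothing in the hunk establishes that the `logstash-event` gem ships those output files, so whether this gem is genuinely affected should be confirmed against the upstream GHSA before the entry is published. If the mapping is kept because the GHSA lists the gem on RubyGems, a comment above `gem:` such as `# Listed as affected by GHSA-8qhq-rq4j-8prj; the vulnerable files are Logstash outputs, not this gem's own code` would spare the next maintainer the same question. Separately, `date: 2022-05-14` is years later than every reference under `related:` (the archived Elastic 1.4.2 post and the SecurityFocus thread are from 2014); if this field is meant to be the public disclosure date, it should follow the 1.4.2 announcement rather than what looks like the GHSA publication date.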
@@ -0,0 +1,23 @@
+---
+gem: logstash
+cve: 2014-4326
+ghsa: 8qhq-rq4j-8prj
+url: https://www.elastic.co/community/security
+title: Elasticsearch Logstash allows remote attackers to execute arbitrary commands
+date: 2022-05-14
+description: |
+  Elasticsearch Logstash 1.0.14 through 1.4.x before 1.4.2 allows
+ remote attackers to execute arbitrary commands via a crafted
+ event in (1) `zabbix.rb` or (2) `nagios_nsca.rb` in `outputs/`.
+cvss_v2: 7.5
+unaffected_versions:
+ - "< 1.0.14"
+patched_versions:
+ - ">= 1.4.2"
+related:
+ url:
+ - https://nvd.nist.gov/vuln/detail/CVE-2014-4326
+ - https://www.elastic.co/community/security
+ - https://web.archive.org/web/20140804031140/http://www.elasticsearch.org/blog/logstash-1-4-2
+ - https://web.archive.org/web/20201207013408/http://www.securityfocus.com/archive/1/532841/100/0/threaded
+ - https://github.com/advisories/GHSA-8qhq-rq4j-8prj
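Review bot: `date: 2022-05-14` appears to be the GHSA publication date rather than the disclosure date: every reference under `related:` dates the issue to 2014 (the archived Elastic 1.4.2 release post and the SecurityFocus thread), and the fix version `>= 1.4.2` is from the same period. If this database's `date` field is meant to be the public disclosure date, it should be taken from the 1.4.2 announcement rather than from the GHSA import. Also, `url:` points at the generic Elastic security landing page rather than the advisory itself; the archived 1.4.2 blog post already listed under `related:` is the more specific primary reference and would serve better as `url:`. The `unaffected_versions` / `patched_versions` constraints do match the description's "1.0.14 through 1.4.x before 1.4.2", so that part reads correctly.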