NotCVE - vendor:"Elastic" product:"Elasticsearch" version:" >= 8.0.0 <= 8.9.1"

Page 2 of 12 results (0.003 seconds)

CVSS: 7.8EPSS: 11%CPEs: 2EXPL: 3

CVE-2023-31419 – Elasticsearch StackOverflow vulnerability

https://notcve.org/view.php?id=CVE-2023-31419

22 Sep 2023 — A flaw was discovered in Elasticsearch, affecting the _search API that allowed a specially crafted query string to cause a Stack Overflow and ultimately a Denial of Service. Se descubrió una falla en Elasticsearch que afectaba a la API _search y permitía que una cadena de consulta especialmente manipulada provocara un desbordamiento de pila y, en última instancia, una denegación de servicio. • https://packetstorm.news/files/id/174807 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2022-23712

https://notcve.org/view.php?id=CVE-2022-23712

06 Jun 2022 — A Denial of Service flaw was discovered in Elasticsearch. Using this vulnerability, an unauthenticated attacker could forcibly shut down an Elasticsearch node with a specifically formatted network request. Se ha detectado un fallo de Denegación de Servicio en Elasticsearch. Usando esta vulnerabilidad, un atacante no autenticado podría cerrar por la fuerza un nodo de Elasticsearch con una petición de red con un formato específico • https://discuss.elastic.co/t/elastic-stack-7-17-4-and-8-2-1-security-update/305530 • CWE-754: Improper Check for Unusual or Exceptional Conditions •

1 2