GHSA-285m-vhfq-xx4h
Suggest an improvement- Source
- https://github.com/advisories/GHSA-285m-vhfq-xx4h
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/11/GHSA-285m-vhfq-xx4h/GHSA-285m-vhfq-xx4h.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-285m-vhfq-xx4h
- Aliases
-
- BIT-elasticsearch-2023-46673
- CVE-2023-46673
- Published
- 2023-11-22T12:30:26Z
- Modified
- 2024-02-16T07:58:09.292811Z
- Severity
-
- 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- Elasticsearch Improper Handling of Exceptional Conditions
- Details
-
It was identified that malformed scripts used in the script processor of an Ingest Pipeline could cause an Elasticsearch node to crash when calling the Simulate Pipeline API.
- Database specific
{ "nvd_published_at": "2023-11-22T10:15:08Z", "cwe_ids": [ "CWE-755" ], "severity": "MODERATE", "github_reviewed": true, "github_reviewed_at": "2023-11-22T20:57:26Z" }- References
Affected packages
Maven / org.elasticsearch:elasticsearch
Package
- Name
- org.elasticsearch:elasticsearch
- View open source insights on deps.dev
- Purl
- pkg:maven/org.elasticsearch/elasticsearch
Affected versions
7.*
7.0.0
7.0.1
7.1.0
7.1.1
7.2.0
7.2.1
7.3.0
7.3.1
7.3.2
7.4.0
7.4.1
7.4.2
7.5.0
7.5.1
7.5.2
7.6.0
7.6.1
7.6.2
7.7.0
7.7.1
7.8.0
7.8.1
7.9.0
7.9.1
7.9.2
7.9.3
7.10.0
7.10.1
7.10.2
7.11.0
7.11.1
7.11.2
7.12.0
7.12.1
7.13.0
7.13.1
7.13.2
7.13.3
7.13.4
7.14.0
7.14.1
7.14.2
7.15.0
7.15.1
7.15.2
7.16.0
7.16.1
7.16.2
7.16.3
7.17.0
7.17.1
7.17.2
7.17.3
7.17.4
7.17.5
7.17.6
7.17.7
7.17.8
7.17.9
7.17.10
7.17.11
7.17.12
7.17.13
Maven / org.elasticsearch:elasticsearch
Package
- Name
- org.elasticsearch:elasticsearch
- View open source insights on deps.dev
- Purl
- pkg:maven/org.elasticsearch/elasticsearch