Lucene search

K
osvGoogleOSV:CVE-2021-22144
HistoryJul 26, 2021 - 12:15 p.m.

CVE-2021-22144

2021-07-2612:15:08
Google
osv.dev
1

6.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

49.6%

In Elasticsearch versions before 7.13.3 and 6.8.17 an uncontrolled recursion vulnerability that could lead to a denial of service attack was identified in the Elasticsearch Grok parser. A user with the ability to submit arbitrary queries to Elasticsearch could create a malicious Grok query that will crash the Elasticsearch node.

6.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

49.6%