Lucene search
K

15 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/04/16 5:46 p.m.5 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in elasticsearch-6.8.23.jar

Summary IBM Watson Discovery Cartridge affected by vulnerability in elasticsearch-6.8.23.jar Vulnerability Details CVEID:CVE-2024-52979 DESCRIPTION: Uncontrolled Resource Consumption in Elasticsearch while evaluating specifically crafted search templates with Mustache functions can lead to Denial...

7.5CVSS5.8AI score0.00522EPSS
Exploits0Affected Software1
OSV
OSV
added 2026/04/16 12:54 a.m.11 views

CLEANSTART-2026-QW49365 Allocation of Resources Without Limits or Throttling (CWE-770) in Elasticsearch can allow a low-privileged authenticated user to cause Excessive Allocation (CAPEC-130) causing a persistent denial o...

Multiple security vulnerabilities affect the sonarqube package. Allocation of Resources Without Limits or Throttling CWE-770 in Elasticsearch can allow a low-privileged authenticated user to cause Excessive Allocation CAPEC-130 causing a persistent denial of service OOM crash via submission of...

9.8CVSS5.8AI score0.00245EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-10257

Malicious code in bioql PyPI...

6.5CVSS7.4AI score0.00467EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-1021

Malicious code in bioql PyPI...

7.5CVSS6.2AI score0.00943EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-1497

Malicious code in bioql PyPI...

4.3CVSS4.7AI score0.00909EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-1914

Malicious code in bioql PyPI...

4.9CVSS5AI score0.00529EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/08/09 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2024-23450

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was discovered in Elasticsearch, where processing a document in a deeply nested pipeline on an ingest node could cause the Elasticsearch node to crash...

7.5CVSS6.3AI score0.00943EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/02 11:43 a.m.17 views

CVE-2024-52979

A flaw was found in Elasticsearch. This flaw allows a remote attacker to trigger an application-level denial of service by sending specially crafted search templates that use Mustache functions. Mitigation Mitigation for this issue is either not available or the currently available options do not...

4.3CVSS6.8AI score0.00522EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/04/10 7:27 p.m.16 views

CVE-2024-52980

A flaw was discovered in Elasticsearch, where a large recursion using the innerForbidCircularReferences function of the PatternBank class could cause the Elasticsearch node to crash. A successful attack requires a malicious user to have readpipeline Elasticsearch cluster privilege assigned to the...

6.5CVSS6.6AI score0.00467EPSS
Exploits0References1
OSV
OSV
added 2025/04/10 7:10 a.m.5 views

BIT-ELASTICSEARCH-2024-52980 Elasticsearch Uncontrolled Resource Consumption vulnerability

A flaw was discovered in Elasticsearch, where a large recursion using the innerForbidCircularReferences function of the PatternBank class could cause the Elasticsearch node to crash. A successful attack requires a malicious user to have readpipeline Elasticsearch cluster privilege assigned to the...

6.5CVSS6.3AI score0.00467EPSS
Exploits0References2
NVD
NVD
added 2025/04/08 5:15 p.m.9 views

CVE-2024-52980

A flaw was discovered in Elasticsearch, where a large recursion using the innerForbidCircularReferences function of the PatternBank class could cause the Elasticsearch node to crash. A successful attack requires a malicious user to have readpipeline Elasticsearch cluster privilege assigned to the...

6.5CVSS0.00467EPSS
Exploits0References1
CVE
CVE
added 2025/04/08 4:43 p.m.77 views

CVE-2024-52980

CVE-2024-52980 refers to an Elasticsearch vulnerability where a large recursion in the PatternBank.innerForbidCircularReferences function can crash a node. The issue requires a user with read_pipeline cluster privilege to trigger the condition, making it a resource-exhaustion risk (availability l...

6.5CVSS6.9AI score0.00467EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2024/03/27 5:3 p.m.12 views

CVE-2024-23450 Elasticsearch Uncontrolled Resource Consumption vulnerability

A flaw was discovered in Elasticsearch, where processing a document in a deeply nested pipeline on an ingest node could cause the Elasticsearch node to crash...

4.9CVSS6.3AI score0.00943EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 3:28 a.m.5 views

SUSE CVE-2022-23712

A Denial of Service flaw was discovered in Elasticsearch. Using this vulnerability, an unauthenticated attacker could forcibly shut down an Elasticsearch node with a specifically formatted network request...

7.5CVSS7.5AI score0.074EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2022/06/08 4:7 p.m.95 views

CVE-2022-23712

A flaw was found in Elasticsearch. This flaw allows an unauthenticated attacker to forcibly shut down an Elasticsearch node with a specifically formatted network request, affecting system availability...

7.5CVSS3.9AI score0.074EPSS
Exploits0References3
Rows per page
Query Builder