Lucene search
K

109 matches found

OSV
OSV
added 2021/07/26 12:15 p.m.3 views

UBUNTU-CVE-2021-22144

In Elasticsearch versions before 7.13.3 and 6.8.17 an uncontrolled recursion vulnerability that could lead to a denial of service attack was identified in the Elasticsearch Grok parser. A user with the ability to submit arbitrary queries to Elasticsearch could create a malicious Grok query that...

6.5CVSS7.4AI score0.0166EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2021/07/26 12:15 p.m.21 views

CVE-2021-22144

In Elasticsearch versions before 7.13.3 and 6.8.17 an uncontrolled recursion vulnerability that could lead to a denial of service attack was identified in the Elasticsearch Grok parser. A user with the ability to submit arbitrary queries to Elasticsearch could create a malicious Grok query that...

6.5CVSS7AI score0.0166EPSS
Exploits0References1
Prion
Prion
added 2021/07/26 12:15 p.m.31 views

Design/Logic Flaw

In Elasticsearch versions before 7.13.3 and 6.8.17 an uncontrolled recursion vulnerability that could lead to a denial of service attack was identified in the Elasticsearch Grok parser. A user with the ability to submit arbitrary queries to Elasticsearch could create a malicious Grok query that...

4CVSS6.4AI score0.0166EPSS
Exploits0References3Affected Software2
Cvelist
Cvelist
added 2021/07/26 11:48 a.m.42 views

CVE-2021-22144

In Elasticsearch versions before 7.13.3 and 6.8.17 an uncontrolled recursion vulnerability that could lead to a denial of service attack was identified in the Elasticsearch Grok parser. A user with the ability to submit arbitrary queries to Elasticsearch could create a malicious Grok query that...

6.8AI score0.0166EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2021/07/26 12:0 a.m.5 views

PT-2021-14869 · Elastic · Elasticsearch

Name of the Vulnerable Software and Affected Versions: Elasticsearch versions prior to 7.13.3 Elasticsearch versions prior to 6.8.17 Description: An uncontrolled recursion issue in the Elasticsearch Grok parser could lead to a denial of service attack. A user who can submit arbitrary queries to...

6.5CVSS6.5AI score0.0166EPSS
Exploits0References14
CNVD
CNVD
added 2021/07/12 12:0 a.m.46 views

Elasticsearch Resource Management Error Vulnerability

Elasticsearch is a set of open source distributed RESTful search engine built on Lucene from the Dutch company Elasticsearch. The product is mainly used in cloud computing and supports data indexing using JSON over HTTP.Elasticsearch has a resource management error vulnerability that stems from...

6.5CVSS2.1AI score0.0166EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/07/08 12:0 a.m.8 views

Elastic 资源管理错误漏洞

Elasticsearch is a set of open source distributed RESTful search engine built on Lucene from the Dutch company Elasticsearch. The product is mainly used in cloud computing and supports data indexing using JSON over HTTP.Elasticsearch has a resource management error vulnerability that stems from...

6.5CVSS5.7AI score0.0166EPSS
Exploits0References8
Elastic
Elastic
added 2021/07/07 5:23 p.m.10 views

Elasticsearch 7.13.3 and 6.8.17 Security Update

Elasticsearch Denial of Service issue ESA-2021-15 An uncontrolled recursion vulnerability that could lead to a denial of service attack was identified in the Elasticsearch Grok parser. A user with the ability to submit arbitrary queries to Elasticsearch could create a malicious Grok query that wi...

6.5CVSS6.8AI score0.0166EPSS
Exploits0
CNVD
CNVD
added 2021/07/02 12:0 a.m.10 views

Grok Buffer Overflow Vulnerability

Grok is a regular expression that uses a combination of multiple predefined . A tool used to match split text and map to keywords. Often used to preprocess log data. A security vulnerability exists in Grok versions 7.6.6 through 9.2.0 that stems from a heap-based buffer overflow in the...

7.8CVSS7.2AI score0.01175EPSS
Exploits1References1
NVD
NVD
added 2021/07/01 3:15 a.m.25 views

CVE-2021-36089

Grok 7.6.6 through 9.2.0 has a heap-based buffer overflow in grk::FileFormatDecompress::applypaletteclr called from grk::FileFormatDecompress::applyColour...

7.8CVSS0.01175EPSS
Exploits1References3
OSV
OSV
added 2021/07/01 3:15 a.m.4 views

DEBIAN-CVE-2021-36089

Grok 7.6.6 through 9.2.0 has a heap-based buffer overflow in grk::FileFormatDecompress::applypaletteclr called from grk::FileFormatDecompress::applyColour...

7.8CVSS7.8AI score0.01175EPSS
Exploits1References1
OSV
OSV
added 2021/07/01 3:15 a.m.7 views

CVE-2021-36089

Grok 7.6.6 through 9.2.0 has a heap-based buffer overflow in grk::FileFormatDecompress::applypaletteclr called from grk::FileFormatDecompress::applyColour...

7.8CVSS7.3AI score
Exploits0References3
Prion
Prion
added 2021/07/01 3:15 a.m.16 views

Heap overflow

Grok 7.6.6 through 9.2.0 has a heap-based buffer overflow in grk::FileFormatDecompress::applypaletteclr called from grk::FileFormatDecompress::applyColour...

6.8CVSS7.8AI score0.01175EPSS
Exploits1References3Affected Software1
UbuntuCve
UbuntuCve
added 2021/07/01 3:15 a.m.37 views

CVE-2021-36089

Grok 7.6.6 through 9.2.0 has a heap-based buffer overflow in grk::FileFormatDecompress::applypaletteclr called from grk::FileFormatDecompress::applyColour...

7.8CVSS7.3AI score0.01175EPSS
Exploits1References4
Debian CVE
Debian CVE
added 2021/07/01 2:50 a.m.22 views

CVE-2021-36089

Grok 7.6.6 through 9.2.0 has a heap-based buffer overflow in grk::FileFormatDecompress::applypaletteclr called from grk::FileFormatDecompress::applyColour...

7.8CVSS7.9AI score0.01175EPSS
Exploits1
CVE
CVE
added 2021/07/01 2:50 a.m.94 views

CVE-2021-36089

Grok vulnerability CVE-2021-36089 affects Grok versions 7.6.6–9.2.0 with a heap-based buffer overflow in grk::FileFormatDecompress::apply_palette_clr (called from grk::FileFormatDecompress::applyColour). The root cause is a heap-based overflow in the palette color application path. Affected compo...

7.8CVSS7.8AI score0.01175EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2021/07/01 2:50 a.m.26 views

CVE-2021-36089

Grok 7.6.6 through 9.2.0 has a heap-based buffer overflow in grk::FileFormatDecompress::applypaletteclr called from grk::FileFormatDecompress::applyColour...

8.1AI score0.01175EPSS
Exploits1References3
CNNVD
CNNVD
added 2021/07/01 12:0 a.m.4 views

Grok 缓冲区错误漏洞

Grok is a regular expression that uses a combination of multiple predefined . A tool used to match split text and map to keywords. Often used to preprocess log data. A security vulnerability exists in Grok versions 7.6.6 through 9.2.0 that stems from a heap-based buffer overflow in the...

7.8CVSS5.9AI score0.01175EPSS
Exploits1References3
ossfuzz
ossfuzz
added 2020/10/28 5:20 p.m.22 views

grok:grk_decompress_fuzzer: Crash in grk::SparseBuffer<6u, 6u>::read_or_write

Detailed Report: https://oss-fuzz.com/testcase?key=6267600499376128 Project: grok Fuzzing Engine: afl Fuzz Target: grkdecompressfuzzer Job Type: aflasangrok Platform Id: linux Crash Type: UNKNOWN READ Crash Address: 0x000000003c2c Crash State: grk::SparseBuffer::readorwrite grk::SparseBuffer::rea...

6.8AI score
Exploits0Affected Software1
ossfuzz
ossfuzz
added 2020/10/23 2:12 a.m.18 views

grok:grk_decompress_fuzzer: Heap-buffer-overflow in grk::Subband::Subband

Detailed Report: https://oss-fuzz.com/testcase?key=5719298213150720 Project: grok Fuzzing Engine: libFuzzer Fuzz Target: grkdecompressfuzzer Job Type: libfuzzerasangrok Platform Id: linux Crash Type: Heap-buffer-overflow READ 1 Crash Address: 0x6140000001d0 Crash State: grk::Subband::Subband...

6.8AI score
Exploits0Affected Software1
Rows per page
Query Builder