109 matches found
UBUNTU-CVE-2021-22144
In Elasticsearch versions before 7.13.3 and 6.8.17 an uncontrolled recursion vulnerability that could lead to a denial of service attack was identified in the Elasticsearch Grok parser. A user with the ability to submit arbitrary queries to Elasticsearch could create a malicious Grok query that...
CVE-2021-22144
In Elasticsearch versions before 7.13.3 and 6.8.17 an uncontrolled recursion vulnerability that could lead to a denial of service attack was identified in the Elasticsearch Grok parser. A user with the ability to submit arbitrary queries to Elasticsearch could create a malicious Grok query that...
Design/Logic Flaw
In Elasticsearch versions before 7.13.3 and 6.8.17 an uncontrolled recursion vulnerability that could lead to a denial of service attack was identified in the Elasticsearch Grok parser. A user with the ability to submit arbitrary queries to Elasticsearch could create a malicious Grok query that...
CVE-2021-22144
In Elasticsearch versions before 7.13.3 and 6.8.17 an uncontrolled recursion vulnerability that could lead to a denial of service attack was identified in the Elasticsearch Grok parser. A user with the ability to submit arbitrary queries to Elasticsearch could create a malicious Grok query that...
PT-2021-14869 · Elastic · Elasticsearch
Name of the Vulnerable Software and Affected Versions: Elasticsearch versions prior to 7.13.3 Elasticsearch versions prior to 6.8.17 Description: An uncontrolled recursion issue in the Elasticsearch Grok parser could lead to a denial of service attack. A user who can submit arbitrary queries to...
Elasticsearch Resource Management Error Vulnerability
Elasticsearch is a set of open source distributed RESTful search engine built on Lucene from the Dutch company Elasticsearch. The product is mainly used in cloud computing and supports data indexing using JSON over HTTP.Elasticsearch has a resource management error vulnerability that stems from...
Elastic 资源管理错误漏洞
Elasticsearch is a set of open source distributed RESTful search engine built on Lucene from the Dutch company Elasticsearch. The product is mainly used in cloud computing and supports data indexing using JSON over HTTP.Elasticsearch has a resource management error vulnerability that stems from...
Elasticsearch 7.13.3 and 6.8.17 Security Update
Elasticsearch Denial of Service issue ESA-2021-15 An uncontrolled recursion vulnerability that could lead to a denial of service attack was identified in the Elasticsearch Grok parser. A user with the ability to submit arbitrary queries to Elasticsearch could create a malicious Grok query that wi...
Grok Buffer Overflow Vulnerability
Grok is a regular expression that uses a combination of multiple predefined . A tool used to match split text and map to keywords. Often used to preprocess log data. A security vulnerability exists in Grok versions 7.6.6 through 9.2.0 that stems from a heap-based buffer overflow in the...
CVE-2021-36089
Grok 7.6.6 through 9.2.0 has a heap-based buffer overflow in grk::FileFormatDecompress::applypaletteclr called from grk::FileFormatDecompress::applyColour...
DEBIAN-CVE-2021-36089
Grok 7.6.6 through 9.2.0 has a heap-based buffer overflow in grk::FileFormatDecompress::applypaletteclr called from grk::FileFormatDecompress::applyColour...
CVE-2021-36089
Grok 7.6.6 through 9.2.0 has a heap-based buffer overflow in grk::FileFormatDecompress::applypaletteclr called from grk::FileFormatDecompress::applyColour...
Heap overflow
Grok 7.6.6 through 9.2.0 has a heap-based buffer overflow in grk::FileFormatDecompress::applypaletteclr called from grk::FileFormatDecompress::applyColour...
CVE-2021-36089
Grok 7.6.6 through 9.2.0 has a heap-based buffer overflow in grk::FileFormatDecompress::applypaletteclr called from grk::FileFormatDecompress::applyColour...
CVE-2021-36089
Grok 7.6.6 through 9.2.0 has a heap-based buffer overflow in grk::FileFormatDecompress::applypaletteclr called from grk::FileFormatDecompress::applyColour...
CVE-2021-36089
Grok vulnerability CVE-2021-36089 affects Grok versions 7.6.6–9.2.0 with a heap-based buffer overflow in grk::FileFormatDecompress::apply_palette_clr (called from grk::FileFormatDecompress::applyColour). The root cause is a heap-based overflow in the palette color application path. Affected compo...
CVE-2021-36089
Grok 7.6.6 through 9.2.0 has a heap-based buffer overflow in grk::FileFormatDecompress::applypaletteclr called from grk::FileFormatDecompress::applyColour...
Grok 缓冲区错误漏洞
Grok is a regular expression that uses a combination of multiple predefined . A tool used to match split text and map to keywords. Often used to preprocess log data. A security vulnerability exists in Grok versions 7.6.6 through 9.2.0 that stems from a heap-based buffer overflow in the...
grok:grk_decompress_fuzzer: Crash in grk::SparseBuffer<6u, 6u>::read_or_write
Detailed Report: https://oss-fuzz.com/testcase?key=6267600499376128 Project: grok Fuzzing Engine: afl Fuzz Target: grkdecompressfuzzer Job Type: aflasangrok Platform Id: linux Crash Type: UNKNOWN READ Crash Address: 0x000000003c2c Crash State: grk::SparseBuffer::readorwrite grk::SparseBuffer::rea...
grok:grk_decompress_fuzzer: Heap-buffer-overflow in grk::Subband::Subband
Detailed Report: https://oss-fuzz.com/testcase?key=5719298213150720 Project: grok Fuzzing Engine: libFuzzer Fuzz Target: grkdecompressfuzzer Job Type: libfuzzerasangrok Platform Id: linux Crash Type: Heap-buffer-overflow READ 1 Crash Address: 0x6140000001d0 Crash State: grk::Subband::Subband...