Lucene search
K

21 matches found

Vulnrichment
Vulnrichment
added 2026/03/06 4:23 a.m.2 views

CVE-2026-28677 OpenSift: Insufficient URL destination restrictions in ingest flow could enable SSRF-style internal access

OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI. Prior to version 1.6.3-alpha, the URL ingest pipeline accepted user-controlled remote URLs with incomplete destination restrictions. Although private/local host checks existed, missing...

8.2CVSS5.8AI score0.00298EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-2844

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.00844EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2023-46673

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - It was identified that malformed scripts used in the script processor of an Ingest Pipeline could cause an Elasticsearch node to crash when calling the Simulate...

7.5CVSS7.2AI score0.00844EPSS
Exploits0References2
OSV
OSV
added 2024/05/14 7:17 a.m.35 views

BIT-ELASTICSEARCH-2024-23450 Elasticsearch Uncontrolled Resource Consumption vulnerability

A flaw was discovered in Elasticsearch, where processing a document in a deeply nested pipeline on an ingest node could cause the Elasticsearch node to crash...

7.5CVSS5.8AI score0.00943EPSS
Exploits0References4
OSV
OSV
added 2024/03/27 5:15 p.m.0 views

UBUNTU-CVE-2024-23450

A flaw was discovered in Elasticsearch, where processing a document in a deeply nested pipeline on an ingest node could cause the Elasticsearch node to crash...

7.5CVSS6.7AI score0.00943EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/03/27 12:0 a.m.4 views

Elasticsearch 安全漏洞

Elasticsearch is a search engine based on the Lucene library. A security vulnerability exists in Elasticsearch versions prior to 7.17.19 and prior to 8.13.0, which stems from the fact that processing a document in a deeply nested pipeline on an ingest node may cause an Elasticsearch node to crash...

7.5CVSS6.2AI score0.00943EPSS
Exploits0References5
OSV
OSV
added 2024/03/06 10:51 a.m.28 views

BIT-ELASTICSEARCH-2023-46673

It was identified that malformed scripts used in the script processor of an Ingest Pipeline could cause an Elasticsearch node to crash when calling the Simulate Pipeline API...

7.5CVSS7.3AI score0.00844EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/11/24 2:0 a.m.3 views

SUSE CVE-2023-46673

It was identified that malformed scripts used in the script processor of an Ingest Pipeline could cause an Elasticsearch node to crash when calling the Simulate Pipeline API...

7.5CVSS6.9AI score0.00844EPSS
Exploits0References3
Veracode
Veracode
added 2023/11/23 7:34 a.m.235 views

Denial Of Service (DoS)

elasticsearch is vulnerable to Denial Of Service DoS. The vulnerability is caused due to a lack of exception handling while calling the simulate pipeline API. The script processor of an ingest pipeline fails to handle malformed scripts. This can lead to an elastic node crash and ultimately deny...

7.5CVSS7AI score0.00844EPSS
Exploits0References3Affected Software1
RedhatCVE
RedhatCVE
added 2023/11/23 1:57 a.m.93 views

CVE-2023-46673

A flaw was found in Elasticsearch. A malicious script used in the script processor of an Ingest Pipeline could cause an Elasticsearch node to crash when calling the Simulate Pipeline API. Mitigation No mitigation is yet available for this flaw...

7.5CVSS6.8AI score0.00844EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2023/11/22 12:30 p.m.35 views

Elasticsearch Improper Handling of Exceptional Conditions

It was identified that malformed scripts used in the script processor of an Ingest Pipeline could cause an Elasticsearch node to crash when calling the Simulate Pipeline API...

7.5CVSS7.1AI score0.00844EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2023/11/22 12:30 p.m.0 views

GHSA-285M-VHFQ-XX4H Elasticsearch Improper Handling of Exceptional Conditions

It was identified that malformed scripts used in the script processor of an Ingest Pipeline could cause an Elasticsearch node to crash when calling the Simulate Pipeline API...

6.5CVSS7.1AI score0.00844EPSS
Exploits0References4
NVD
NVD
added 2023/11/22 10:15 a.m.22 views

CVE-2023-46673

It was identified that malformed scripts used in the script processor of an Ingest Pipeline could cause an Elasticsearch node to crash when calling the Simulate Pipeline API...

7.5CVSS0.00844EPSS
Exploits0References2
OSV
OSV
added 2023/11/22 10:15 a.m.7 views

CVE-2023-46673

It was identified that malformed scripts used in the script processor of an Ingest Pipeline could cause an Elasticsearch node to crash when calling the Simulate Pipeline API...

7.5CVSS7.4AI score
Exploits0References2
UbuntuCve
UbuntuCve
added 2023/11/22 10:15 a.m.34 views

CVE-2023-46673

It was identified that malformed scripts used in the script processor of an Ingest Pipeline could cause an Elasticsearch node to crash when calling the Simulate Pipeline API...

7.5CVSS7.1AI score0.00844EPSS
Exploits0References3
Prion
Prion
added 2023/11/22 10:15 a.m.25 views

Code injection

It was identified that malformed scripts used in the script processor of an Ingest Pipeline could cause an Elasticsearch node to crash when calling the Simulate Pipeline API...

5CVSS6.9AI score0.00844EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2023/11/22 10:15 a.m.1 views

UBUNTU-CVE-2023-46673

It was identified that malformed scripts used in the script processor of an Ingest Pipeline could cause an Elasticsearch node to crash when calling the Simulate Pipeline API...

7.5CVSS7.1AI score0.00844EPSS
Exploits0References4
CVE
CVE
added 2023/11/22 9:27 a.m.118 views

CVE-2023-46673

CVE-2023-46673 affects Elastic Elasticsearch. Malformed scripts in the script processor of an Ingest Pipeline can cause an Elasticsearch node to crash when calling the Simulate Pipeline API, enabling a denial of service. The vulnerability is tied to the Simulate Pipeline API handling and may impa...

7.5CVSS7.3AI score0.00844EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/11/22 9:27 a.m.39 views

CVE-2023-46673

It was identified that malformed scripts used in the script processor of an Ingest Pipeline could cause an Elasticsearch node to crash when calling the Simulate Pipeline API...

6.5CVSS7.6AI score0.00844EPSS
Exploits0References2
Elastic
Elastic
added 2023/11/22 9:18 a.m.5 views

Elasticsearch 7.17.14 / 8.10.3 Security Update (ESA-2023-24)

Elasticsearch Improper Handling of Exceptional Conditions ESA-2023-24 It was identified that malformed scripts used in the script processor of an Ingest Pipeline could cause an Elasticsearch node to crash when calling the Simulate Pipeline API. Affected Versions: Elasticsearch versions on or afte...

7.5CVSS7.5AI score0.00844EPSS
Exploits0
Rows per page
Query Builder