Lucene search

745 matches found

Veracode
added 2025/12/12 9:59 a.m. | 6 views

Denial Of Service (DoS)

OpenSearch is vulnerable to Denial Of Service (DoS). The vulnerability is due to the handling of overly complex query_string inputs, which allows an attacker to submit specially crafted queries that exhaust system resources and trigger a DoS condition...

CVSS 8.3 | AI score 6.9 | EPSS 0.0047
Exploits: 1 | References: 7 | Affected Software: 1
RedhatCVE
added 2025/12/02 9:26 p.m. | 6 views

CVE-2025-9624

A vulnerability in OpenSearch allows attackers to cause Denial of Service (DoS) by submitting complex query_string inputs. This issue affects all OpenSearch versions between 3.0.0 and 3.3.0 and OpenSearch 2.19.4...

CVSS 8.3 | AI score 6.5 | EPSS 0.0047
Exploits: 1 | References: 1
Chainguard
added 2025/12/02 7:17 p.m. | 2 views

GHSA-MW3V-MMFW-3X2G vulnerabilities

Vulnerabilities for packages: opensearch...

AI score 7
Exploits: 0
Chainguard
added 2025/12/02 7:17 p.m. | 12 views

CVE-2025-9624 vulnerabilities

Vulnerabilities for packages: opensearch...

CVSS 8.3 | AI score 7 | EPSS 0.0047
Exploits: 1
Tenable Nessus
added 2025/12/01 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2025-9624

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability in OpenSearch allows attackers to cause Denial of Service (DoS) by submitting complex query_string inputs. This issue affects all OpenSearch versio...

CVSS 8.3 | AI score 6 | EPSS 0.0047
Exploits: 1 | References: 2
Chainguard
added 2025/11/29 1:20 a.m. | 9 views

CVE-2025-66031 vulnerabilities

Vulnerabilities for packages: opensearch-dashboards-fips, jitsucom-jitsu, kubeflow-centraldashboard, argo-workflows, kubeflow-pipelines, kibana, opensearch-dashboards...

CVSS 8.7 | AI score 6.7 | EPSS 0.00373
Exploits: 0
Chainguard
added 2025/11/29 1:20 a.m. | 6 views

GHSA-5GFM-WPXJ-WJGQ vulnerabilities

Vulnerabilities for packages: opensearch-dashboards-fips, jitsucom-jitsu, kubeflow-centraldashboard, argo-workflows, kubeflow-pipelines, kibana, opensearch-dashboards...

AI score 5.8
Exploits: 0
Chainguard
added 2025/11/29 1:20 a.m. | 7 views

GHSA-554W-WPV2-VW27 vulnerabilities

Vulnerabilities for packages: opensearch-dashboards-fips, jitsucom-jitsu, kubeflow-centraldashboard, argo-workflows, kubeflow-pipelines, kibana, opensearch-dashboards...

AI score 5.8
Exploits: 0
Chainguard
added 2025/11/29 1:20 a.m. | 5 views

GHSA-65CH-62R8-G69G vulnerabilities

Vulnerabilities for packages: opensearch-dashboards-fips, jitsucom-jitsu, kubeflow-centraldashboard, argo-workflows, kubeflow-pipelines, kibana, opensearch-dashboards...

AI score 5.8
Exploits: 0
Chainguard
added 2025/11/29 1:20 a.m. | 11 views

CVE-2025-66030 vulnerabilities

Vulnerabilities for packages: opensearch-dashboards-fips, jitsucom-jitsu, kubeflow-centraldashboard, argo-workflows, kubeflow-pipelines, kibana, opensearch-dashboards...

CVSS 6.3 | AI score 5.8 | EPSS 0.00276
Exploits: 0
Chainguard
added 2025/11/29 1:20 a.m. | 8 views

CVE-2025-12816 vulnerabilities

Vulnerabilities for packages: opensearch-dashboards-fips, jitsucom-jitsu, kubeflow-centraldashboard, argo-workflows, kubeflow-pipelines, kibana, opensearch-dashboards...

CVSS 8.6 | AI score 7 | EPSS 0.00689
Exploits: 1
vulnersOsv
added 2025/11/25 9:32 p.m. | 8 views

com.erudika:para-search-elasticsearch (=1.42.0), org.codelibs.fesen.client:fesen-httpclient (>=3.0.0 <=3.2.0) +43 more potentially affected by CVE-2025-9624 via org.opensearch:opensearch-common (>=3.0.0 <=3.2.0)

org.opensearch:opensearch-common MAVEN version =3.0.0, =3.0.0, =15.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0.0, =3.22.0, =3.0.0, =3.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.2 and more Source cves: CVE-2025-9624 Source advisory: OSV:GHSA-MW3V-MMFW-3X2G...

CVSS 8.3 | AI score 5.8 | EPSS 0.0047
Exploits: 1
EUVD
added 2025/11/25 9:32 p.m. | 4 views

EUVD-2025-199644

A vulnerability in OpenSearch allows attackers to cause Denial of Service (DoS) by submitting complex query_string inputs. This issue affects all OpenSearch versions below 3.2.0...

CVSS 8.3 | AI score 6.3 | EPSS 0.0047
Exploits: 1 | References: 3
Github Security Blog
added 2025/11/25 9:32 p.m. | 12 views

OpenSearch is vulnerable to DoS via complex query_string inputs

A vulnerability in OpenSearch allows attackers to cause Denial of Service (DoS) by submitting complex query_string inputs. This issue affects all OpenSearch versions below 2.19.4 and versions 3.0.0 through 3.2.0...

CVSS 8.3 | AI score 6.5 | EPSS 0.0047
Exploits: 1 | References: 8 | Affected Software: 1
OSV
added 2025/11/25 9:32 p.m. | 1 view

GHSA-MW3V-MMFW-3X2G OpenSearch is vulnerable to DoS via complex query_string inputs

A vulnerability in OpenSearch allows attackers to cause Denial of Service (DoS) by submitting complex query_string inputs. This issue affects all OpenSearch versions below 2.19.4 and versions 3.0.0 through 3.2.0...

CVSS 8.3 | AI score 5.9 | EPSS 0.0047
Exploits: 1 | References: 8
vulnersOsv
added 2025/11/25 8:41 p.m. | 6 views

com.erudika:para-search-elasticsearch (=1.42.0), org.codelibs.fesen.client:fesen-httpclient (>=3.0.0 <=3.2.0) +26 more potentially affected by CVE-2025-9624 via org.opensearch:opensearch (>=3.0.0-alpha1 <=3.2.0)

org.opensearch:opensearch MAVEN version =3.0.0-alpha1, =3.0.0, =15.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0.0, =3.22.0, =3.0.0, =3.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.2 and more Source cves: CVE-2025-9624 Source advisory: SNYK:JAVA-ORGOPENSEARCH-14122812...

CVSS 8.3 | AI score 5.8 | EPSS 0.0047
Exploits: 1
vulnersOsv
added 2025/11/25 8:41 p.m. | 6 views

com.digitalpebble.stormcrawler:storm-crawler-opensearch (=2.11), com.erudika:para-search-elasticsearch (>=1.40.5 <=1.41.3) +84 more potentially affected by CVE-2025-9624 via org.opensearch:opensearch (>=2.0.0-rc1 <=2.19.3)

org.opensearch:opensearch MAVEN version =2.0.0-rc1, =1.40.5, =1.0.0-TEST, =3.0.7, =0.1.3, =0.1.3, =0.1.3, =0.1.2, =0.1.2, =0.1.2, =1.2.3, =1.2.3, =1.2.3, =4.0.0.0, =4.0.5.2 and more Source cves: CVE-2025-9624 Source advisory: SNYK:JAVA-ORGOPENSEARCH-14122812 https://vulners.com/sny...

CVSS 8.3 | AI score 5.8 | EPSS 0.0047
Exploits: 1
Snyk
added 2025/11/25 8:41 p.m. | 2 views

Uncontrolled Recursion

Overview Affected versions of this package are vulnerable to Uncontrolled Recursion via the querystring processing. An attacker can exhaust system resources and disrupt service availability by submitting excessively long Boolean or disjunction queries. PoC GET search "query": "querystring":...

CVSS 8.3 | AI score 6.6 | EPSS 0.0047
Exploits: 1 | References: 2
OSV
added 2025/11/25 8:16 p.m. | 8 views

CVE-2025-9624

A vulnerability in OpenSearch allows attackers to cause Denial of Service (DoS) by submitting complex query_string inputs. This issue affects all OpenSearch versions between 3.0.0 and 3.3.0 and OpenSearch 2.19.4...

CVSS 7.5 | AI score 6.4
Exploits: 0 | References: 3
NVD
added 2025/11/25 8:16 p.m. | 9 views

CVE-2025-9624

A vulnerability in OpenSearch allows attackers to cause Denial of Service (DoS) by submitting complex query_string inputs. This issue affects all OpenSearch versions between 3.0.0 and 3.3.0 and OpenSearch 2.19.4...

CVSS 8.3 | EPSS 0.0047
Exploits: 1 | References: 3