8 matches found
Denial Of Service (DoS)
org.elasticsearch.plugin, x-pack-security is vulnerable to Denial of Service DoS. The vulnerability is due to the lack of limits or throttling on user settings data allocation, which allows a low-privileged authenticated attacker to submit oversized data and trigger excessive memory allocation...
GHSA-QF7C-7R9H-MM92 Elasticsearch has Excessive Allocation of Resources via Submission of Oversized User Settings Data
Allocation of Resources Without Limits or Throttling CWE-770 in Elasticsearch can allow a low-privileged authenticated user to cause Excessive Allocation CAPEC-130 causing a persistent denial of service OOM crash via submission of oversized user settings data...
Linux Distros Unpatched Vulnerability : CVE-2025-68384
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Allocation of Resources Without Limits or Throttling CWE-770 in Elasticsearch can allow a low-privileged authenticated user to cause Excessive Allocation...
Allocation of Resources Without Limits or Throttling
Overview org.elasticsearch.plugin:x-pack-security is an Elasticsearch Expanded Pack Plugin - Security Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the submission of oversized user settings data. An attacker can exhaust system resourc...
CVE-2025-68384
Allocation of Resources Without Limits or Throttling CWE-770 in Elasticsearch can allow a low-privileged authenticated user to cause Excessive Allocation CAPEC-130 causing a persistent denial of service OOM crash via submission of oversized user settings data...
CVE-2025-68384
Allocation of Resources Without Limits or Throttling CWE-770 in Elasticsearch can allow a low-privileged authenticated user to cause Excessive Allocation CAPEC-130 causing a persistent denial of service OOM crash via submission of oversized user settings data...
CVE-2025-68384
Allocation of Resources Without Limits or Throttling CWE-770 in Elasticsearch can allow a low-privileged authenticated user to cause Excessive Allocation CAPEC-130 causing a persistent denial of service OOM crash via submission of oversized user settings data...
CVE-2025-68384
CVE-2025-68384 affects Elasticsearch and describes an allocation of resources without limits or throttling (CWE-770). The issue can be exploited by a low-privileged authenticated user to trigger excessive allocation, leading to a persistent denial of service (OOM crash) by submitting oversized us...