An issue was discovered in Elasticsearch, where a large recursion using the Well-KnownText formatted string with nested GeometryCollection objects could cause a stackoverflow.

...

Denial Of Service (DoS)

Elasticsearch is vulnerable to Denial Of Service DoS. The vulnerability is due to unbounded recursion due to improper handling of deeply nested GeometryCollection objects in Well-Known Text WKT format, which allows attackers to craft specially formatted input that triggers a stack overflow and...

GHSA-5XM9-X7X4-4J5X Elasticsearch Vulnerable to Stack Overflow due to a Large Recursion

An issue was discovered in Elasticsearch, where a large recursion using the Well-KnownText formatted string with nested GeometryCollection objects could cause a stackoverflow...

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS through the handling of Well-Known Text formatted strings with nested GeometryCollection objects. An attacker can cause a stackoverflow by sending specially crafted requests that exploit this recursion. Details...

CVE-2024-52981

An issue was discovered in Elasticsearch, where a large recursion using the Well-KnownText formatted string with nested GeometryCollection objects could cause a stackoverflow...

UBUNTU-CVE-2024-52981

An issue was discovered in Elasticsearch, where a large recursion using the Well-KnownText formatted string with nested GeometryCollection objects could cause a stackoverflow...

Elasticsearch 7.17.24 and 8.15.1 Security Update (ESA-2024-37)

Elasticsearch Uncontrolled Resource Consumption vulnerability ESA-2024-37 An issue was discovered in Elasticsearch, where a large recursion using the Well-KnownText formatted string with nested GeometryCollection objects could cause a stackoverflow. Affected Versions: Elasticsearch versions 7.17....