Lucene search
K

11 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2021-22145

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A memory disclosure vulnerability was identified in Elasticsearch 7.10.0 to 7.13.3 error reporting. A user with the ability to submit arbitrary queries to...

6.5CVSS7.2AI score0.76249EPSS
Exploits6References2
Github Security Blog
Github Security Blog
added 2025/06/07 12:10 a.m.32 views

Jackson-core Vulnerable to Memory Disclosure via Source Snippet in JsonLocation

Overview A flaw in Jackson-core's JsonLocation.appendSourceDesc method allows up to 500 bytes of unintended memory content to be included in exception messages. When parsing JSON from a byte array with an offset and length, the exception message incorrectly reads from the beginning of the array...

4CVSS7.1AI score0.00314EPSS
Exploits0References6Affected Software1
Metasploit
Metasploit
added 2023/09/07 7:51 p.m.510 views

Elasticsearch Memory Disclosure

This module exploits a memory disclosure vulnerability in Elasticsearch 7.10.0 to 7.13.3 inclusive. A user with the ability to submit arbitrary queries to Elasticsearch can generate an error message containing previously used portions of a data buffer. This buffer could contain sensitive...

6.5CVSS7.1AI score0.76249EPSS
Exploits6
Circl
Circl
added 2023/09/07 3:26 p.m.10 views

CVE-2021-22145

creationtimestamp| type| source ---|---|--- 2023-09-07 15:26:52+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/elasticsearchmemorydisclosure.rb 2025-02-06 03:13:45+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23...

6.5CVSS7AI score0.76249EPSS
Exploits6References1
vulnersOsv
vulnersOsv
added 2022/05/24 7:8 p.m.6 views

ca.uhn.hapi.fhir:hapi-fhir-cli-api (>=5.3.0 <=5.7.9), ca.uhn.hapi.fhir:hapi-fhir-cli-app (>=5.6.5 <=5.7.9) +382 more potentially affected by CVE-2021-22145 via org.elasticsearch.client:elasticsearch-rest-client (>=7.10.0 <=7.13.3)

org.elasticsearch.client:elasticsearch-rest-client MAVEN version =7.10.0, =5.3.0, =5.6.5, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =5.6.5, =5.7.9 and more Source cves: CVE-2021-22145 Source advisory: OSV:GHSA-Q394-H7F5-7F44...

6.5CVSS6.9AI score0.76249EPSS
Exploits6
IBM Security Bulletins
IBM Security Bulletins
added 2021/12/15 8:13 a.m.39 views

Security Bulletin: IBM Security SOAR is using a component with known vulnerabilities - Elasticsearch ( CVE-2021-22144, CVE-2021-22145, CVE-2021-22147)

Summary IBM Security SOAR is using a component with known vulnerabilities - Elasticsearch CVE-2021-22144, CVE-2021-22145, CVE-2021-22147 Vulnerability Details CVEID: CVE-2021-22144 DESCRIPTION: Elasticsearch is vulnerable to a denial of service, caused by an uncontrolled recursion vulnerability i...

6.5CVSS6.8AI score0.76249EPSS
Exploits6
Exploit DB
Exploit DB
added 2021/07/23 12:0 a.m.865 views

ElasticSearch 7.13.3 - Memory disclosure

Exploit Title: ElasticSearch 7.13.3 - Memory disclosure Date: 21/07/2021 Exploit Author: r0ny Vendor Homepage: https://www.elastic.co/ Software Link: https://github.com/elastic/elasticsearch Version: 7.10.0 to 7.13.3 Tested on: Kali Linux CVE : CVE-2021-22145 /usr/bin/python3 from argparse import...

6.5CVSS6.7AI score0.76249EPSS
Exploits6
0day.today
0day.today
added 2021/07/23 12:0 a.m.214 views

ElasticSearch 7.13.3 - Memory disclosure Exploit

Exploit Title: ElasticSearch 7.13.3 - Memory disclosure Exploit Author: r0ny Vendor Homepage: https://www.elastic.co/ Software Link: https://github.com/elastic/elasticsearch Version: 7.10.0 to 7.13.3 Tested on: Kali Linux CVE : CVE-2021-22145 /usr/bin/python3 from argparse import ArgumentParser...

6.5CVSS6.8AI score0.76249EPSS
Exploits6
Packet Storm
Packet Storm
added 2021/07/23 12:0 a.m.735 views

ElasticSearch 7.13.3 Memory Disclosure

Exploit Title: ElasticSearch 7.13.3 - Memory disclosure Date: 21/07/2021 Exploit Author: r0ny Vendor Homepage: https://www.elastic.co/ Software Link: https://github.com/elastic/elasticsearch Version: 7.10.0 to 7.13.3 Tested on: Kali Linux CVE : CVE-2021-22145 /usr/bin/python3 from argparse import...

6.8AI score0.76249EPSS
Exploits6
UbuntuCve
UbuntuCve
added 2021/07/21 3:15 p.m.24 views

CVE-2021-22145

A memory disclosure vulnerability was identified in Elasticsearch 7.10.0 to 7.13.3 error reporting. A user with the ability to submit arbitrary queries to Elasticsearch could submit a malformed query that would result in an error message returned containing previously used portions of a data...

6.5CVSS7.1AI score0.76249EPSS
Exploits6References1
CVE
CVE
added 2021/07/21 11:20 a.m.249 views

CVE-2021-22145

CVE-2021-22145 affects Elasticsearch 7.10.0–7.13.3 in its error reporting, allowing memory disclosure where an attacker submitting malformed queries could cause error messages to include previously used data buffer contents (e.g., documents or authentication details). The issue is documented acro...

6.5CVSS6.5AI score0.76249EPSS
Exploits6References5Affected Software1
Rows per page
Query Builder