8 matches found
Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in elasticsearch-7.10.2.jar
Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of elasticsearch-7.10.2.jar Vulnerability Details CVEID:CVE-2023-31418 DESCRIPTION: Elastic Elasticsearch is vulnerable to a denial of service, caused by uncontrolled resource consumption. By sending a moderate...
Security Bulletin: Netcool Operations Insights 1.6.13 addresses multiple security vulnerabilities.
Summary Netcool Operations Insight v1.6.13 addresses multiple security vulnerabilities, listed in the CVEs below. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2021-31684 DESCRIPTION: netplex JSON Smart is vulnerable to a denial of...
CVE-2023-46673
A flaw was found in Elasticsearch. A malicious script used in the script processor of an Ingest Pipeline could cause an Elasticsearch node to crash when calling the Simulate Pipeline API. Mitigation No mitigation is yet available for this flaw...
ai.ylyue:yue-library-data-es (>=j11.2.6.0 <=j11.2.6.2), ca.uhn.hapi.fhir:hapi-fhir-cli-api (>=5.3.0 <=6.10.5) +521 more potentially affected by CVE-2023-46673 via org.elasticsearch:elasticsearch (>=7.0.0 <=7.17.13)
org.elasticsearch:elasticsearch MAVEN version =7.0.0, =j11.2.6.0, =5.3.0, =5.6.5, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =6.10.0, =6.10.0, =6.10.0, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =5.6.5, =5.7.9 and more Source cves: CVE-2023-46673 Source advisory: OSV:GHSA-285M-VHFQ-XX4H...
CVE-2023-46673
CVE-2023-46673 affects Elastic Elasticsearch. Malformed scripts in the script processor of an Ingest Pipeline can cause an Elasticsearch node to crash when calling the Simulate Pipeline API, enabling a denial of service. The vulnerability is tied to the Simulate Pipeline API handling and may impa...
CVE-2023-46673
It was identified that malformed scripts used in the script processor of an Ingest Pipeline could cause an Elasticsearch node to crash when calling the Simulate Pipeline API...
CVE-2023-46673
It was identified that malformed scripts used in the script processor of an Ingest Pipeline could cause an Elasticsearch node to crash when calling the Simulate Pipeline API...
Elasticsearch 7.17.14 / 8.10.3 Security Update (ESA-2023-24)
Elasticsearch Improper Handling of Exceptional Conditions ESA-2023-24 It was identified that malformed scripts used in the script processor of an Ingest Pipeline could cause an Elasticsearch node to crash when calling the Simulate Pipeline API. Affected Versions: Elasticsearch versions on or afte...