12 matches found
EUVD-2024-1021
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2024-23450
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was discovered in Elasticsearch, where processing a document in a deeply nested pipeline on an ingest node could cause the Elasticsearch node to crash...
BIT-ELASTICSEARCH-2024-23449 Elasticsearch Uncaught Exception
An uncaught exception in Elasticsearch = 8.4.0 and 8.11.1 occurs when an encrypted PDF is passed to an attachment processor through the REST API. The Elasticsearch ingest node that attempts to parse the PDF file will crash. This does not happen with password-protected PDF files or with unencrypte...
SUSE CVE-2024-23449
An uncaught exception in Elasticsearch = 8.4.0 and 8.11.1 occurs when an encrypted PDF is passed to an attachment processor through the REST API. The Elasticsearch ingest node that attempts to parse the PDF file will crash. This does not happen with password-protected PDF files or with unencrypte...
Elasticsearch Uncaught Exception leading to crash
An uncaught exception in Elasticsearch = 8.4.0 and 8.11.1 occurs when an encrypted PDF is passed to an attachment processor through the REST API. The Elasticsearch ingest node that attempts to parse the PDF file will crash. This does not happen with password-protected PDF files or with unencrypte...
UBUNTU-CVE-2024-23449
An uncaught exception in Elasticsearch = 8.4.0 and 8.11.1 occurs when an encrypted PDF is passed to an attachment processor through the REST API. The Elasticsearch ingest node that attempts to parse the PDF file will crash. This does not happen with password-protected PDF files or with unencrypte...
CVE-2024-23449 Elasticsearch Uncaught Exception
An uncaught exception in Elasticsearch = 8.4.0 and 8.11.1 occurs when an encrypted PDF is passed to an attachment processor through the REST API. The Elasticsearch ingest node that attempts to parse the PDF file will crash. This does not happen with password-protected PDF files or with unencrypte...
CVE-2024-23450
A flaw was found in elasticsearch. Trying to process a document in a deeply nested pipeline may cause the related ingest node to crash, resulting in a Denial of Service...
Elasticsearch Uncontrolled Resource Consumption vulnerability
A flaw was discovered in Elasticsearch, where processing a document in a deeply nested pipeline on an ingest node could cause the Elasticsearch node to crash...
GHSA-W5GG-2Q56-6H4F Elasticsearch Uncontrolled Resource Consumption vulnerability
A flaw was discovered in Elasticsearch, where processing a document in a deeply nested pipeline on an ingest node could cause the Elasticsearch node to crash...
CVE-2024-23450
CVE-2024-23450 describes an Elasticsearch denial of service where processing a document in a deeply nested ingest pipeline can crash the node (CWE-400). The NVD/CVSS data show CVSS v3.1 base score 7.5 (HIGH) with network attack vector and no user interaction. Connected IBM notices tie this CVE to...
PT-2024-2595 · Elastic · Elasticsearch
Name of the Vulnerable Software and Affected Versions: Elasticsearch affected versions not specified Description: A flaw was discovered in Elasticsearch, where processing a document in a deeply nested pipeline on an ingest node could cause the Elasticsearch node to crash. The issue is also relate...