Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
ElasticElasticsearch

3 matches found

CVE
CVEadded 2023/10/26 6:15 p.m.147 views

CVE-2023-31419

A flaw was discovered in Elasticsearch, affecting the _search API that allowed a specially crafted query string to cause a Stack Overflow and ultimately a Denial of Service.

7.5CVSS6.6AI score0.14974EPSS
CVE
CVEadded 2023/10/26 6:15 p.m.125 views

CVE-2023-31418

An issue has been identified with how Elasticsearch handled incoming requests on the HTTP layer. An unauthenticated user could force an Elasticsearch node to exit with an OutOfMemory error by sending a moderate number of malformed HTTP requests. The issue was identified by Elastic Engineering and w...

7.5CVSS7.3AI score0.00549EPSS
CVE
CVEadded 2023/10/26 6:15 p.m.89 views

CVE-2023-31417

Elasticsearch generally filters out sensitive information and credentials before logging to the audit log. It was found that this filtering was not applied when requests to Elasticsearch use certain deprecated URIs for APIs. The impact of this flaw is that sensitive information such as passwords an...

4.4CVSS5AI score0.00038EPSS