CVE-2023-31418

Source
https://nvd.nist.gov/vuln/detail/CVE-2023-31418
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-31418.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2023-31418
Aliases
Related
Published
2023-10-26T18:15:08Z
Modified
2024-10-11T08:28:53Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

An issue has been identified with how Elasticsearch handled incoming requests on the HTTP layer. An unauthenticated user could force an Elasticsearch node to exit with an OutOfMemory error by sending a moderate number of malformed HTTP requests. The issue was identified by Elastic Engineering and we have no indication that the issue is known or that it is being exploited in the wild.

References

Affected packages

Git / github.com/elastic/elasticsearch

Affected ranges

Type
GIT
Repo
https://github.com/elastic/elasticsearch
Events