GHSA-285m-vhfq-xx4h

Suggest an improvement
Source
https://github.com/advisories/GHSA-285m-vhfq-xx4h
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/11/GHSA-285m-vhfq-xx4h/GHSA-285m-vhfq-xx4h.json
JSON Data
https://api.test.osv.dev/v1/vulns/GHSA-285m-vhfq-xx4h
Aliases
Published
2023-11-22T12:30:26Z
Modified
2023-12-01T08:11:36.709493Z
Severity
  • 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
Elasticsearch Improper Handling of Exceptional Conditions
Details

It was identified that malformed scripts used in the script processor of an Ingest Pipeline could cause an Elasticsearch node to crash when calling the Simulate Pipeline API.

Database specific
{
    "nvd_published_at": "2023-11-22T10:15:08Z",
    "cwe_ids": [
        "CWE-755"
    ],
    "severity": "MODERATE",
    "github_reviewed": true,
    "github_reviewed_at": "2023-11-22T20:57:26Z"
}
References

Affected packages

Maven / org.elasticsearch:elasticsearch

Package

Name
org.elasticsearch:elasticsearch
View open source insights on deps.dev
Purl
pkg:maven/org.elasticsearch/elasticsearch

Affected ranges

Type
ECOSYSTEM
Events
Introduced
7.0.0
Fixed
7.17.14

Affected versions

7.*

7.0.0
7.0.1
7.1.0
7.1.1
7.2.0
7.2.1
7.3.0
7.3.1
7.3.2
7.4.0
7.4.1
7.4.2
7.5.0
7.5.1
7.5.2
7.6.0
7.6.1
7.6.2
7.7.0
7.7.1
7.8.0
7.8.1
7.9.0
7.9.1
7.9.2
7.9.3
7.10.0
7.10.1
7.10.2
7.11.0
7.11.1
7.11.2
7.12.0
7.12.1
7.13.0
7.13.1
7.13.2
7.13.3
7.13.4
7.14.0
7.14.1
7.14.2
7.15.0
7.15.1
7.15.2
7.16.0
7.16.1
7.16.2
7.16.3
7.17.0
7.17.1
7.17.2
7.17.3
7.17.4
7.17.5
7.17.6
7.17.7
7.17.8
7.17.9
7.17.10
7.17.11
7.17.12
7.17.13

Maven / org.elasticsearch:elasticsearch

Package

Name
org.elasticsearch:elasticsearch
View open source insights on deps.dev
Purl
pkg:maven/org.elasticsearch/elasticsearch

Affected ranges

Type
ECOSYSTEM
Events
Introduced
8.0.0
Fixed
8.10.3

Affected versions

8.*

8.0.0
8.0.1
8.1.0
8.1.1
8.1.2
8.1.3
8.2.0
8.2.1
8.2.2
8.2.3
8.3.0
8.3.1
8.3.2
8.3.3
8.4.0
8.4.1
8.4.2
8.4.3
8.5.0
8.5.1
8.5.2
8.5.3
8.6.0
8.6.1
8.6.2
8.7.0
8.7.1
8.8.0
8.8.1
8.8.2
8.9.0
8.9.1
8.9.2
8.10.0
8.10.1
8.10.2