CVE-2024-52980

CVE-2024-52980

A flaw was discovered in Elasticsearch, where a large recursion using the innerForbidCircularReferences function of the PatternBank class could cause the Elasticsearch node to crash. A successful attack requires a malicious user to have read_pipeline Elasticsearch cluster privilege assigned to them.

CVE-2024-52980

A flaw was discovered in Elasticsearch, where a large recursion using the innerForbidCircularReferences function of the PatternBank class could cause the Elasticsearch node to crash. A successful attack requires a malicious user to have read_pipeline Elasticsearch cluster privilege assigned to them.

CVE-2024-52980

Elasticsearch Uncontrolled Resource Consumption vulnerability

GHSA-ghfh-p92w-j4mg

Elasticsearch Potential Node Crash due to Large Recursion in `innerForbidCircularReferences` Function