GHSA-285m-vhfq-xx4h

Опубликовано: 22 нояб. 2023

Источник: github

Github: Прошло ревью

CVSS3: 6.5

Описание

Elasticsearch Improper Handling of Exceptional Conditions

It was identified that malformed scripts used in the script processor of an Ingest Pipeline could cause an Elasticsearch node to crash when calling the Simulate Pipeline API.

Ссылки

Пакеты

Наименование

org.elasticsearch:elasticsearch

maven

Затронутые версииВерсия исправления

>= 7.0.0, < 7.17.14

7.17.14

Наименование

org.elasticsearch:elasticsearch

maven

Затронутые версииВерсия исправления

>= 8.0.0, < 8.10.3

8.10.3

EPSS

Процентиль: 74%

0.00811

Низкий

6.5 Medium

CVSS3

CVE ID

CVE-2023-46673

Дефекты

CWE-755

Связанные уязвимости

CVE-2023-46673

CVSS3: 6.5

ubuntu

около 2 лет назад

It was identified that malformed scripts used in the script processor of an Ingest Pipeline could cause an Elasticsearch node to crash when calling the Simulate Pipeline API.

CVE-2023-46673

CVSS3: 7.5

redhat

около 2 лет назад

It was identified that malformed scripts used in the script processor of an Ingest Pipeline could cause an Elasticsearch node to crash when calling the Simulate Pipeline API.

CVE-2023-46673

CVSS3: 6.5

nvd

около 2 лет назад

It was identified that malformed scripts used in the script processor of an Ingest Pipeline could cause an Elasticsearch node to crash when calling the Simulate Pipeline API.

CVE-2023-46673

CVSS3: 6.5

debian

около 2 лет назад

It was identified that malformed scripts used in the script processor ...

EPSS

Процентиль: 74%

0.00811

Низкий

6.5 Medium

CVSS3

CVE ID

CVE-2023-46673

Дефекты

CWE-755