GHSA-mw3v-mmfw-3x2g

Опубликовано: 25 нояб. 2025

Источник: github

Github: Прошло ревью

CVSS4: 8.3

Описание

OpenSearch is vulnerable to DoS via complex query_string inputs

A vulnerability in OpenSearch allows attackers to cause Denial of Service (DoS) by submitting complex query_string inputs.

This issue affects all OpenSearch versions below 3.2.0.

Ссылки

Пакеты

Наименование

org.opensearch:opensearch-common

maven

Затронутые версииВерсия исправления

< 3.3.0

3.3.0

EPSS

Процентиль: 12%

0.00042

Низкий

8.3 High

CVSS4

CVE ID

CVE-2025-9624

Дефекты

CWE-674

Связанные уязвимости

CVE-2025-9624

ubuntu

5 дней назад

A vulnerability in OpenSearch allows attackers to cause Denial of Service (DoS) by submitting complex query_string inputs. This issue affects all OpenSearch versions below 3.2.0.

CVE-2025-9624

nvd

5 дней назад

A vulnerability in OpenSearch allows attackers to cause Denial of Service (DoS) by submitting complex query_string inputs. This issue affects all OpenSearch versions below 3.2.0.

CVE-2025-9624

debian

5 дней назад

A vulnerability in OpenSearch allows attackers to cause Denial of Serv ...

EPSS

Процентиль: 12%

0.00042

Низкий

8.3 High

CVSS4

CVE ID

CVE-2025-9624

Дефекты

CWE-674