Описание
A flaw was discovered in Elasticsearch, affecting the _search API that allowed a specially crafted query string to cause a Stack Overflow and ultimately a Denial of Service.
A flaw was found in Elasticsearch. This issue affects the _search API that allowed a specially crafted query string to cause a stack overflow and, ultimately, a denial of service.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Logging Subsystem for Red Hat OpenShift | openshift-logging/elasticsearch6-rhel8 | Not affected | ||
| Logging Subsystem for Red Hat OpenShift | openshift-logging/fluentd-rhel8 | Not affected | ||
| Logging Subsystem for Red Hat OpenShift | openshift-logging/kibana6-rhel8 | Not affected | ||
| Red Hat JBoss Fuse Service Works 6 | elasticsearch | Out of support scope | ||
| Red Hat Quay 3 | quay/quay-rhel8 | Will not fix |
Показывать по
Дополнительная информация
Статус:
EPSS
7.5 High
CVSS3
Связанные уязвимости
A flaw was discovered in Elasticsearch, affecting the _search API that allowed a specially crafted query string to cause a Stack Overflow and ultimately a Denial of Service.
A flaw was discovered in Elasticsearch, affecting the _search API that allowed a specially crafted query string to cause a Stack Overflow and ultimately a Denial of Service.
A flaw was discovered in Elasticsearch, affecting the _search API that ...
Elasticsearch vulnerable to stack overflow in the search API
Уязвимость компонента API _search поисковой системы Elasticsearch, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
7.5 High
CVSS3