CVE-2025-68384

6.5MEDIUM

Allocation of Resources Without Limits or Throttling (CWE-770) in Elasticsearch can allow a low-privileged authenticated user to cause Excessive Allocation (CAPEC-130) causing a persistent denial of s

Опубликовано: 12/18/2025Обновлено: 12/23/2025
Посмотреть на NVDПосмотреть на MITRE

Описание

Allocation of Resources Without Limits or Throttling (CWE-770) in Elasticsearch can allow a low-privileged authenticated user to cause Excessive Allocation (CAPEC-130) causing a persistent denial of service (OOM crash) via submission of oversized user settings data.

ИИ-АнализНа базе ИИ

Затронутые продукты

elasticelasticsearch
elasticelasticsearch
elasticelasticsearch
elasticelasticsearch

Ссылки