A flaw was discovered in Elasticsearch, affecting document ingestion when an index template contains a dynamic field mapping of “passthrough” type. Under certain circumstances, ingesting documents in this index would cause a StackOverflow exception to be thrown and ultimately lead to a Denial of Service. Note that passthrough fields is an experimental feature.
Metrics
Affected Vendors & Products
References
History
Thu, 03 Oct 2024 20:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Elastic
Elastic elasticsearch |
|
Weaknesses | CWE-787 | |
CPEs | cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:* | |
Vendors & Products |
Elastic
Elastic elasticsearch |
Fri, 16 Aug 2024 17:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
| |
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: elastic
Published: 2024-06-13T16:26:57.983Z
Updated: 2024-08-16T17:02:41.347Z
Reserved: 2024-06-05T14:21:14.941Z
Link: CVE-2024-37280
Vulnrichment
Updated: 2024-08-16T17:02:41.347Z
NVD
Status : Modified
Published: 2024-06-13T17:15:50.967
Modified: 2024-11-21T09:23:31.860
Link: CVE-2024-37280
Redhat