VYPR
High severityNVD Advisory· Published Oct 26, 2023· Updated Feb 13, 2025

Elasticsearch uncontrolled resource consumption

CVE-2023-31418

Description

An issue has been identified with how Elasticsearch handled incoming requests on the HTTP layer. An unauthenticated user could force an Elasticsearch node to exit with an OutOfMemory error by sending a moderate number of malformed HTTP requests. The issue was identified by Elastic Engineering and we have no indication that the issue is known or that it is being exploited in the wild.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
org.elasticsearch:elasticsearchMaven
< 7.17.137.17.13
org.elasticsearch:elasticsearchMaven
>= 8.0.0, < 8.9.08.9.0

Affected products

137

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.