Maven package
org.elasticsearch.plugin/x-pack-security
pkg:maven/org.elasticsearch.plugin/x-pack-security
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-68384 | — | < 8.19.9 | 8.19.9 | Dec 18, 2025 | Allocation of Resources Without Limits or Throttling (CWE-770) in Elasticsearch can allow a low-privileged authenticated user to cause Excessive Allocation (CAPEC-130) causing a persistent denial of service (OOM crash) via submission of oversized user settings data. |
- CVE-2025-68384Dec 18, 2025affected < 8.19.9fixed 8.19.9
Allocation of Resources Without Limits or Throttling (CWE-770) in Elasticsearch can allow a low-privileged authenticated user to cause Excessive Allocation (CAPEC-130) causing a persistent denial of service (OOM crash) via submission of oversized user settings data.