CNNVD-202511-2707 Information
CNNVD ID
CNNVD-202511-2707
Related CVE
- CNNVD Published: 2025-11-25
Description (Chinese)
OpenSearch是OpenSearch开源的一个分布式搜索和分析软件。 OpenSearch 3.2.0之前版本存在安全漏洞,该漏洞源于处理复杂query_string输入不当,可能导致拒绝服务攻击。
Description (English)
OpenSearch is a distributed search and analysis software for OpenSearch open source. There was a security loophole in the pre-OpenSearch 3.2.0 version, which stemmed from the misinputation of complex query string, which could lead to a denial of service attack.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
OpenSearch
Published
2025-11-25
Last Modified
2026-02-24
References
https://opensearch.org/blog/explore-opensearch-3-3/ https://fluidattacks.com/advisories/chick https://github.com/opensearch-project/OpenSearch/releases/tag/2.19.4 https://github.com/opensearch-project/OpenSearch/releases/tag/3.3.0 https://access.redhat.com/security/cve/cve-2025-9624
Patch
https://opensearch.org/blog/explore-opensearch-3-3/
Share on: