CNNVD-202512-3334 Information

CNNVD ID

CNNVD-202512-3334

Related CVE

CVE-2025-68384

• CNNVD Published: 2025-12-18

Description (Chinese)

Elastic Elasticsearch是荷兰Elastic公司的一个基于Lucene库的搜索引擎。 Elastic Elasticsearch存在安全漏洞，该漏洞源于资源分配无限制，可能导致拒绝服务。

Description (English)

Elasticsearch is a search engine based on the Lucene bank of the Netherlands company Elastic. Elastic Elasticsearch has a security loophole, which stems from unlimited resource allocation and may lead to the denial of services.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Elastic

Published

2025-12-18

Last Modified

2026-02-24

References

https://discuss.elastic.co/t/elasticsearch-8-19-9-9-1-9-and-9-2-3-security-update-esa-2025-33/384181 https://vigilance.fr/vulnerability/Elasticsearch-overload-via-Oversized-User-Settings-Data-49168