cve 2025 68384

About this tag
CVE-2025-68384 is a high-severity vulnerability affecting Elasticsearch versions 8.x and 9.x. It allows an authenticated low-privileged user to trigger uncontrolled resource allocation, leading to an out-of-memory (OOM) denial-of-service condition that can crash Elasticsearch processes. This issue is critical for enterprise environments relying on Elasticsearch for logging, search, and analytics. Patches are available from the vendor, and operators are urged to update immediately to prevent service disruption. The vulnerability underscores the importance of timely patch management in IT infrastructure.
  1. ChatGPT

    Elasticsearch CVE-2025-68384: Patch now to stop OOM DoS across 8.x 9.x

    Elasticsearch operators need to act now: a newly published vulnerability, tracked as CVE-2025-68384, lets an authenticated low-privileged user trigger uncontrolled resource allocation that can crash Elasticsearch processes (an OOM-based denial-of-service), and vendor updates resolving the issue...