Skip to content
Snippets Groups Projects

Compare revisions

Changes are shown as if the source revision was being merged into the target revision. Learn more about comparing revisions.

Source

Select target project
No results found

Target

Select target project
  • gitlab-org/security-products/gemnasium-db
  • chubbymaggie/gemnasium-db
  • fcatteau/gemnasium-db
  • KJLJon/gemnasium-db
  • caneldem/gemnasium-db
  • Chest1/gemnasium-db
  • kayger44/gemnasium-db
  • brondsem/gemnasium-db
  • ifrenkel/gemnasium-db
  • rusher1/gemnasium-db
  • hristiyan.ivanov/gemnasium-db
  • gonzoyumo/gemnasium-db
  • robw-nom/gemnasium-db
  • westonsteimel/gemnasium-db
  • masahiro331/gemnasium-db
  • cmthomps/gemnasium-db
  • thomas.wesolowski/gemnasium-db
  • chamagwa/gemnasium-db
  • BanzaiMan/gemnasium-db
  • vishal.gupta6/gemnasium-db
  • candrews/gemnasium-db
  • attritionorg/gemnasium-db
  • dbolkensteyn/gemnasium-db
  • Snakefinder/gemnasium-db
  • masakura/gemnasium-db
  • ryan461/gemnasium-db
  • captncraig/gemnasium-db
  • rousey.thomas-heb/advisory-database-test
  • Ferada/gemnasium-db
  • elebow/gemnasium-db
  • Lapantera21/gemnasium-db
  • halfcrazy/gemnasium-db
  • neilcar/gemnasium-db
  • tywayne/gemnasium-db
  • vanschelven/gemnasium-db
  • mjkalasky2/gemnasium-db
  • bm402/gemnasium-db
  • reiner.gerecke/gemnasium-db
  • SunBK201/gemnasium-db
  • niklas.volcz/gemnasium-db
  • whostolebenfrog/gemnasium-db
  • PawelBarbarski/gemnasium-db
  • sify21/gemnasium-db
  • flagosatfluid/gemnasium-db
  • cflucasraab/gemnasium-db
  • wjrarneson78/gemnasium-db
  • Kamoot/gemnasium-db
  • fedemengo/gemnasium-db
  • mrtux/gemnasium-db
  • hkojha601/gemnasium-db
  • jason447/gemnasium-db
  • mschoettle/gemnasium-db
  • greengeko/gemnasium-db
  • aaronsmith1/gemnasium-db
  • dbonino/gemnasium-db
  • davidsalame/gemnasium-db
  • philipcunningham/gemnasium-db
  • BCsabaEngine/gemnasium-db
  • christian.dupuis/gemnasium-db
  • guidobonomi/gemnasium-db
  • bertuxdeveloper/gemnasium-db
  • matthewberrysys/gemnasium-db
  • aantonel-sysdig/gemnasium-db
  • irene221b/gemnasium-db
  • armbiant/gnome-go-advisory-database
  • awsactran/gemnasium-db
  • ayreon02/gemnasium-db
  • gitlab-community/gitlab-org/security-products/gemnasium-db
68 results
Show changes
Commits on Source (2)
---
identifier: "CVE-2024-23449"
identifiers:
- "CVE-2024-23449"
- "GHSA-pw39-f3m5-cxfc"
package_slug: "maven/org.elasticsearch/elasticsearch"
title: "Elasticsearch Uncaught Exception leading to crash"
description: "An uncaught exception in Elasticsearch >= 8.4.0 and < 8.11.1 occurs
when an encrypted PDF is passed to an attachment processor through the REST API.
The Elasticsearch ingest node that attempts to parse the PDF file will crash. This
does not happen with password-protected PDF files or with unencrypted PDF files."
date: "2024-03-29"
pubdate: "2024-03-29"
affected_range: "[8.4.0,8.11.1)"
fixed_versions:
- "8.11.1"
affected_versions: "All versions starting from 8.4.0 before 8.11.1"
not_impacted: "All versions before 8.4.0, all versions starting from 8.11.1"
solution: "Upgrade to version 8.11.1 or above."
urls:
- "https://nvd.nist.gov/vuln/detail/CVE-2024-23449"
- "https://github.com/advisories/GHSA-pw39-f3m5-cxfc"
- "https://discuss.elastic.co/t/elasticsearch-8-11-1-security-update-esa-2024-05/356458"
- "https://github.com/elastic/elasticsearch"
cvss_v3: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"
uuid: "5df4bfc8-3cf9-4060-960a-c005fe98d762"
cwe_ids:
- "CWE-248"
- "CWE-937"
- "CWE-1035"