Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Elasticsearch Uncaught Exception
Vulnerability Description
An uncaught exception in Elasticsearch >= 8.4.0 and < 8.11.1 occurs when an encrypted PDF is passed to an attachment processor through the REST API. The Elasticsearch ingest node that attempts to parse the PDF file will crash. This does not happen with password-protected PDF files or with unencrypted PDF files.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Vulnerability Type
未捕获的异常
Vulnerability Title
Elasticsearch 安全漏洞
Vulnerability Description
Elasticsearch是一个基于Lucene库的搜索引擎。 Elasticsearch 8.4.0版本至8.11.1之前版本存在安全漏洞,该漏洞源于当加密的PDF通过REST API传递到附件处理器时,会发生未捕获的异常。
CVSS Information
N/A
Vulnerability Type
N/A