Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

GHSA-qwrx-45xf-jjf7

GitHub Security Advisory

Elasticsearch vulnerable to stack overflow in the search API

✓ GitHub Reviewed MODERATE Has CVE
View on GitHub

Advisory Details

A flaw was discovered in Elasticsearch affecting the `_search` API that allowed a specially crafted query string to cause a stack overflow and ultimately a denial of service.

Affected Packages

Maven org.elasticsearch:elasticsearch
Affected versions: 7.0.0 (fixed in 7.17.13)
Maven org.elasticsearch:elasticsearch
Affected versions: 8.0.0 (fixed in 8.9.1)

Related CVEs

CVE-2023-31419

Key Information

GHSA ID
GHSA-qwrx-45xf-jjf7
Published
October 26, 2023 6:30 PM
Last Modified
October 30, 2023 3:15 PM
CVSS Score
5.0 /10
Primary Ecosystem
Maven
Primary Package
org.elasticsearch:elasticsearch
GitHub Reviewed
✓ Yes

Dataset

Last updated: November 26, 2025 6:30 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.