Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BUG] Fix Grok recursion issue. #1078

Closed
CEHENKLE opened this issue Aug 11, 2021 · 0 comments · Fixed by #1079 or #1087
Closed

[BUG] Fix Grok recursion issue. #1078

CEHENKLE opened this issue Aug 11, 2021 · 0 comments · Fixed by #1079 or #1087
Assignees
@kartg
Labels
bug Something isn't working v1.1.0 Issues, PRs, related to the 1.1.0 release

Comments

@CEHENKLE
Copy link
Member

In Elasticsearch versions before 7.13.3 and 6.8.17 an uncontrolled recursion vulnerability that could lead to a denial of service attack was identified in the Elasticsearch Grok parser. A user with the ability to submit arbitrary queries to Elasticsearch could create a malicious Grok query that will crash the Elasticsearch node.https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-22144
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@kartg kartg

Labels
bug Something isn't working v1.1.0 Issues, PRs, related to the 1.1.0 release
Projects
None yet
Milestone
No milestone
2 participants
@CEHENKLE @kartg