VulnerableCode Package Details - pkg:maven/org.elasticsearch/elasticsearch@8.9.0

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:maven/org.elasticsearch/elasticsearch@8.9.0

purl	pkg:maven/org.elasticsearch/elasticsearch@8.9.0

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-v4uk-qdq3-m3e6	Elasticsearch vulnerable to Uncontrolled Resource Consumption An issue has been identified with how Elasticsearch handled incoming requests on the HTTP layer. An unauthenticated user could force an Elasticsearch node to exit with an OutOfMemory error by sending a moderate number of malformed HTTP requests. The issue was identified by Elastic Engineering and we have no indication that the issue is known or that it is being exploited in the wild.	CVE-2023-31418 GHSA-2cqf-6xv9-f22w

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-05-30T21:02:24.421433+00:00	GitLab Importer	Fixing	VCID-v4uk-qdq3-m3e6	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.elasticsearch/elasticsearch/CVE-2023-31418.yml	38.6.0