Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.elasticsearch/elasticsearch@8.14.1
Typemaven
Namespaceorg.elasticsearch
Nameelasticsearch
Version8.14.1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version8.19.8
Latest_non_vulnerable_version9.2.2
Affected_by_vulnerabilities
0
url VCID-2dh7-uz4v-m7by
vulnerability_id VCID-2dh7-uz4v-m7by
summary 
Elasticsearch: Insertion of Sensitive Information into Log File via reindex API
Insertion of sensitive information in log file in Elasticsearch can lead to loss of confidentiality under specific preconditions when auditing requests to the  reindex API https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-reindex
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-37727.json
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-37727.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-37727
reference_id
reference_type
scores
0
value 0.00019
scoring_system epss
scoring_elements 0.05419
published_at 2026-06-06T12:55:00Z
1
value 0.00019
scoring_system epss
scoring_elements 0.05436
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-37727
2
reference_url https://discuss.elastic.co/t/elasticsearch-8-18-8-8-19-5-9-0-8-9-1-5-security-update-esa-2025-18/382453
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-10T16:34:28Z/
url https://discuss.elastic.co/t/elasticsearch-8-18-8-8-19-5-9-0-8-9-1-5-security-update-esa-2025-18/382453
3
reference_url https://github.com/elastic/elasticsearch
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/elastic/elasticsearch
4
reference_url https://github.com/elastic/elasticsearch/commit/e982eef416a5e1c2a4e94236d7d3b33b5c8d07db
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/elastic/elasticsearch/commit/e982eef416a5e1c2a4e94236d7d3b33b5c8d07db
5
reference_url https://www.elastic.co/guide/en/elasticsearch/reference/8.18/release-notes-8.18.8.html
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.elastic.co/guide/en/elasticsearch/reference/8.18/release-notes-8.18.8.html
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2403034
reference_id 2403034
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2403034
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-37727
reference_id CVE-2025-37727
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-37727
8
reference_url https://github.com/advisories/GHSA-56r7-h6mw-rcfv
reference_id GHSA-56r7-h6mw-rcfv
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-56r7-h6mw-rcfv
fixed_packages
0
url pkg:maven/org.elasticsearch/elasticsearch@8.18.8
purl pkg:maven/org.elasticsearch/elasticsearch@8.18.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-n2gb-4wdb-kqdf
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.elasticsearch/elasticsearch@8.18.8
1
url pkg:maven/org.elasticsearch/elasticsearch@8.19.5
purl pkg:maven/org.elasticsearch/elasticsearch@8.19.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-n2gb-4wdb-kqdf
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.elasticsearch/elasticsearch@8.19.5
2
url pkg:maven/org.elasticsearch/elasticsearch@9.0.8
purl pkg:maven/org.elasticsearch/elasticsearch@9.0.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-n2gb-4wdb-kqdf
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.elasticsearch/elasticsearch@9.0.8
3
url pkg:maven/org.elasticsearch/elasticsearch@9.1.5
purl pkg:maven/org.elasticsearch/elasticsearch@9.1.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-n2gb-4wdb-kqdf
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.elasticsearch/elasticsearch@9.1.5
aliases CVE-2025-37727, GHSA-56r7-h6mw-rcfv
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2dh7-uz4v-m7by
1
url VCID-4vqq-r29t-aba3
vulnerability_id VCID-4vqq-r29t-aba3
summary 
Elasticsearch Potential Node Crash due to Large Recursion in `innerForbidCircularReferences` Function
A flaw was discovered in Elasticsearch, where a large recursion using the innerForbidCircularReferences function of the PatternBank class could cause the Elasticsearch node to crash.

A successful attack requires a malicious user to have read_pipeline Elasticsearch cluster privilege assigned to them.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-52980
reference_id
reference_type
scores
0
value 0.00104
scoring_system epss
scoring_elements 0.27987
published_at 2026-06-06T12:55:00Z
1
value 0.00104
scoring_system epss
scoring_elements 0.28037
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-52980
1
reference_url https://discuss.elastic.co/t/elasticsearch-8-15-1-security-update-esa-2024-34/376919
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-08T19:59:32Z/
url https://discuss.elastic.co/t/elasticsearch-8-15-1-security-update-esa-2024-34/376919
2
reference_url https://github.com/elastic/elasticsearch
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/elastic/elasticsearch
3
reference_url https://github.com/elastic/elasticsearch/commit/4e5c6801f4d60f100f122072f6bf35b21fd722a5
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/elastic/elasticsearch/commit/4e5c6801f4d60f100f122072f6bf35b21fd722a5
4
reference_url https://github.com/elastic/elasticsearch/commit/a02dc7165c75f12701f8d47a2bdefe5283735267
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/elastic/elasticsearch/commit/a02dc7165c75f12701f8d47a2bdefe5283735267
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-52980
reference_id CVE-2024-52980
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-52980
6
reference_url https://github.com/advisories/GHSA-ghfh-p92w-j4mg
reference_id GHSA-ghfh-p92w-j4mg
reference_type
scores
url https://github.com/advisories/GHSA-ghfh-p92w-j4mg
fixed_packages
0
url pkg:maven/org.elasticsearch/elasticsearch@8.15.1
purl pkg:maven/org.elasticsearch/elasticsearch@8.15.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dh7-uz4v-m7by
1
vulnerability VCID-jauz-t6az-2yer
2
vulnerability VCID-n2gb-4wdb-kqdf
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.elasticsearch/elasticsearch@8.15.1
aliases CVE-2024-52980, GHSA-ghfh-p92w-j4mg
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4vqq-r29t-aba3
2
url VCID-dznq-6wd1-fqf8
vulnerability_id VCID-dznq-6wd1-fqf8
summary 
Elasticsearch Vulnerable to Stack Overflow due to a Large Recursion
An issue was discovered in Elasticsearch, where a large recursion using the Well-KnownText formatted string with nested GeometryCollection objects could cause a stackoverflow.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-52981
reference_id
reference_type
scores
0
value 0.00095
scoring_system epss
scoring_elements 0.2646
published_at 2026-06-06T12:55:00Z
1
value 0.00095
scoring_system epss
scoring_elements 0.26469
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-52981
1
reference_url https://discuss.elastic.co/t/elasticsearch-7-17-24-and-8-15-1-security-update-esa-2024-37/376924
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-08T19:58:40Z/
url https://discuss.elastic.co/t/elasticsearch-7-17-24-and-8-15-1-security-update-esa-2024-37/376924
2
reference_url https://github.com/elastic/elasticsearch
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/elastic/elasticsearch
3
reference_url https://github.com/elastic/elasticsearch/commit/097fc0654f9305e01402a06c82926bb04ebe5495
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/elastic/elasticsearch/commit/097fc0654f9305e01402a06c82926bb04ebe5495
4
reference_url https://github.com/elastic/elasticsearch/commit/91ddb124219a5be992644fcf78d7d061e4b7d44c
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/elastic/elasticsearch/commit/91ddb124219a5be992644fcf78d7d061e4b7d44c
5
reference_url https://github.com/elastic/elasticsearch/commit/f0948d38fdc811eca4a4b71dcb81a9b7dbb654b3
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/elastic/elasticsearch/commit/f0948d38fdc811eca4a4b71dcb81a9b7dbb654b3
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-52981
reference_id CVE-2024-52981
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-52981
7
reference_url https://github.com/advisories/GHSA-5xm9-x7x4-4j5x
reference_id GHSA-5xm9-x7x4-4j5x
reference_type
scores
url https://github.com/advisories/GHSA-5xm9-x7x4-4j5x
fixed_packages
0
url pkg:maven/org.elasticsearch/elasticsearch@8.15.1
purl pkg:maven/org.elasticsearch/elasticsearch@8.15.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dh7-uz4v-m7by
1
vulnerability VCID-jauz-t6az-2yer
2
vulnerability VCID-n2gb-4wdb-kqdf
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.elasticsearch/elasticsearch@8.15.1
aliases CVE-2024-52981, GHSA-5xm9-x7x4-4j5x
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dznq-6wd1-fqf8
3
url VCID-jauz-t6az-2yer
vulnerability_id VCID-jauz-t6az-2yer
summary 
Elasticsearch Uncontrolled Resource Consumption Vulnerability
Uncontrolled Resource Consumption in Elasticsearch while evaluating specifically crafted search templates with Mustache functions can lead to Denial of Service by causing the Elasticsearch node to crash.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-52979.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-52979.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-52979
reference_id
reference_type
scores
0
value 0.00197
scoring_system epss
scoring_elements 0.41592
published_at 2026-06-06T12:55:00Z
1
value 0.00197
scoring_system epss
scoring_elements 0.41584
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-52979
2
reference_url https://discuss.elastic.co/t/elasticsearch-7-17-25-and-8-16-0-security-update-esa-2024-40/377709
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-01T13:25:38Z/
url https://discuss.elastic.co/t/elasticsearch-7-17-25-and-8-16-0-security-update-esa-2024-40/377709
3
reference_url https://github.com/elastic/elasticsearch
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/elastic/elasticsearch
4
reference_url https://github.com/elastic/elasticsearch/commit/cbde7f456d7ccd98556302fccf3238bb4557fc91
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/elastic/elasticsearch/commit/cbde7f456d7ccd98556302fccf3238bb4557fc91
5
reference_url https://github.com/elastic/elasticsearch/commit/f9b6b57d1d0f76e2d14291c04fb50abeb642cfbf
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/elastic/elasticsearch/commit/f9b6b57d1d0f76e2d14291c04fb50abeb642cfbf
6
reference_url https://github.com/elastic/elasticsearch/pull/114002
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/elastic/elasticsearch/pull/114002
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2363312
reference_id 2363312
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2363312
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-52979
reference_id CVE-2024-52979
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-52979
9
reference_url https://github.com/advisories/GHSA-mm3m-5497-xggg
reference_id GHSA-mm3m-5497-xggg
reference_type
scores
url https://github.com/advisories/GHSA-mm3m-5497-xggg
fixed_packages
0
url pkg:maven/org.elasticsearch/elasticsearch@8.16.0
purl pkg:maven/org.elasticsearch/elasticsearch@8.16.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2dh7-uz4v-m7by
1
vulnerability VCID-d3wu-97na-8qf1
2
vulnerability VCID-n2gb-4wdb-kqdf
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.elasticsearch/elasticsearch@8.16.0
aliases CVE-2024-52979, GHSA-mm3m-5497-xggg
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jauz-t6az-2yer
4
url VCID-n2gb-4wdb-kqdf
vulnerability_id VCID-n2gb-4wdb-kqdf
summary 
Elasticsearch PKI Realm Authentication Bypass Vulnerability Allows User Impersonation Through Crafted Client Certificates
Improper Authentication in Elasticsearch PKI realm can lead to user impersonation via specially crafted client certificates. A malicious actor would need to have such a crafted client certificate signed by a legitimate, trusted Certificate Authority.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-37731.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-37731.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-37731
reference_id
reference_type
scores
0
value 0.00038
scoring_system epss
scoring_elements 0.1182
published_at 2026-06-06T12:55:00Z
1
value 0.00038
scoring_system epss
scoring_elements 0.11826
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-37731
2
reference_url https://discuss.elastic.co/t/elasticsearch-8-19-8-9-1-8-and-9-2-2-security-update-esa-2025-27/384063
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-16T04:56:03Z/
url https://discuss.elastic.co/t/elasticsearch-8-19-8-9-1-8-and-9-2-2-security-update-esa-2025-27/384063
3
reference_url https://github.com/elastic/elasticsearch
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/elastic/elasticsearch
4
reference_url https://github.com/elastic/elasticsearch/commit/cd97b8566bf56e628070021300784cb9cee0286f
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/elastic/elasticsearch/commit/cd97b8566bf56e628070021300784cb9cee0286f
5
reference_url https://github.com/elastic/elasticsearch/commit/d8a408da79f214395845d99d241e832077045983
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/elastic/elasticsearch/commit/d8a408da79f214395845d99d241e832077045983
6
reference_url https://github.com/elastic/elasticsearch/commit/e519fe4c51a3c887675eb7daea2f914738847f23
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/elastic/elasticsearch/commit/e519fe4c51a3c887675eb7daea2f914738847f23
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2422248
reference_id 2422248
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2422248
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-37731
reference_id CVE-2025-37731
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-37731
9
reference_url https://github.com/advisories/GHSA-m9gh-789g-q5pv
reference_id GHSA-m9gh-789g-q5pv
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-m9gh-789g-q5pv
fixed_packages
0
url pkg:maven/org.elasticsearch/elasticsearch@8.19.8
purl pkg:maven/org.elasticsearch/elasticsearch@8.19.8
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.elasticsearch/elasticsearch@8.19.8
1
url pkg:maven/org.elasticsearch/elasticsearch@9.1.8
purl pkg:maven/org.elasticsearch/elasticsearch@9.1.8
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.elasticsearch/elasticsearch@9.1.8
2
url pkg:maven/org.elasticsearch/elasticsearch@9.2.2
purl pkg:maven/org.elasticsearch/elasticsearch@9.2.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.elasticsearch/elasticsearch@9.2.2
aliases CVE-2025-37731, GHSA-m9gh-789g-q5pv
risk_score 3.4
exploitability 0.5
weighted_severity 6.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n2gb-4wdb-kqdf
Fixing_vulnerabilities
Risk_score3.4
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.elasticsearch/elasticsearch@8.14.1