CVE-2025-68384

ADVISORY - github

Summary

Allocation of Resources Without Limits or Throttling (CWE-770) in Elasticsearch can allow a low-privileged authenticated user to cause Excessive Allocation (CAPEC-130) causing a persistent denial of service (OOM crash) via submission of oversized user settings data.

EPSS Score⁠: 0.00049 (0.152)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-770⁠

Allocation of Resources Without Limits or Throttling

ADVISORY - github

CWE-770⁠

Allocation of Resources Without Limits or Throttling

ADVISORY - redhat

CWE-770⁠

Allocation of Resources Without Limits or Throttling

Impacted images

Advisories

NIST

CREATED

1 month ago

UPDATED

1 month ago

ADVISORY IDCVE-2025-68384⁠

EXPLOITABILITY SCORE

2.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-770⁠

CVSS SCORE

6.5medium

GitHub

CREATED

1 month ago

UPDATED

1 month ago

ADVISORY IDGHSA-qf7c-7r9h-mm92⁠

EXPLOITABILITY SCORE

2.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-770⁠

CVSS SCORE

6.5medium

Ubuntu

CREATED

1 month ago

UPDATED

1 month ago

ADVISORY IDCVE-2025-68384⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Bitnami

CREATED

1 month ago

UPDATED

1 month ago

ADVISORY ID

BIT-elasticsearch-2025-68384

EXPLOITABILITY SCORE

2.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

6.5medium

Red Hat

CREATED

1 month ago

UPDATED

23 days ago

ADVISORY IDCVE-2025-68384⁠

EXPLOITABILITY SCORE

2.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-770⁠

CVSS SCORE

6.5medium

Chainguard

CREATED

16 days ago

UPDATED

16 days ago

ADVISORY ID

CGA-33pw-jrqr-r7fh

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

1 month ago

UPDATED

1 month ago

ADVISORY ID

CGA-3p5r-35jf-j862

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

1 month ago

UPDATED

1 month ago

ADVISORY ID

CGA-cm5q-6cw5-c2ch

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

1 month ago

UPDATED

1 month ago

ADVISORY ID

CGA-r23c-p68q-p477

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

24 days ago

UPDATED

24 days ago

ADVISORY ID

MINI-286g-jp22-c5j7

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

25 days ago

UPDATED

25 days ago

ADVISORY ID

MINI-384j-2vc8-rcfj

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

10 days ago

UPDATED

10 days ago

ADVISORY ID

MINI-42hw-8mvh-pr99

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

24 days ago

UPDATED

24 days ago

ADVISORY ID

MINI-4jhh-34xg-v3q2

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

24 days ago

UPDATED

24 days ago

ADVISORY ID

MINI-739j-4m9m-rxjg

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

24 days ago

UPDATED

24 days ago

ADVISORY ID

MINI-8vv6-8gh5-73mh

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

28 days ago

UPDATED

28 days ago

ADVISORY ID

MINI-9x23-x6jh-7r8w

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

1 month ago

UPDATED

1 month ago

ADVISORY ID

MINI-g7g4-gm9q-q2wm

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

29 days ago

UPDATED

29 days ago

ADVISORY ID

MINI-mgpx-wq58-x73q

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

14 days ago

UPDATED

14 days ago

ADVISORY ID

MINI-p529-vjhp-m2m4

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

29 days ago

UPDATED

29 days ago

ADVISORY ID

MINI-qhx6-4f3w-g6cv

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

17 days ago

UPDATED

17 days ago

ADVISORY ID

MINI-vhxv-228j-prw4

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

7 days ago

UPDATED

7 days ago

ADVISORY ID

MINI-x98j-r39w-j6gv

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY