CVE-2025-68390

ADVISORY - github

Summary

Allocation of Resources Without Limits or Throttling (CWE-770) in Elasticsearch can allow an authenticated user with snapshot restore privileges to cause Excessive Allocation (CAPEC-130) of memory and a denial of service (DoS) via crafted HTTP request.

EPSS Score⁠: 0.00137 (0.340)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-770⁠

Allocation of Resources Without Limits or Throttling

ADVISORY - github

CWE-770⁠

Allocation of Resources Without Limits or Throttling

ADVISORY - redhat

CWE-770⁠

Allocation of Resources Without Limits or Throttling

Impacted images

Advisories

NIST

CREATED

1 month ago

UPDATED

1 month ago

ADVISORY IDCVE-2025-68390⁠

EXPLOITABILITY SCORE

1.2

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-770⁠

CVSS SCORE

4.9medium

GitHub

CREATED

1 month ago

UPDATED

1 month ago

ADVISORY IDGHSA-gphj-4h6p-37xq⁠

EXPLOITABILITY SCORE

1.2

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-770⁠

CVSS SCORE

4.9medium

Ubuntu

CREATED

1 month ago

UPDATED

1 month ago

ADVISORY IDCVE-2025-68390⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Bitnami

CREATED

1 month ago

UPDATED

1 month ago

ADVISORY ID

BIT-elasticsearch-2025-68390

EXPLOITABILITY SCORE

1.2

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

4.9medium

Red Hat

CREATED

1 month ago

UPDATED

23 days ago

ADVISORY IDCVE-2025-68390⁠

EXPLOITABILITY SCORE

1.2

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-770⁠

CVSS SCORE

4.9medium

Chainguard

CREATED

16 days ago

UPDATED

16 days ago

ADVISORY ID

CGA-2f2h-ccww-h47h

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

1 month ago

UPDATED

1 month ago

ADVISORY ID

CGA-3h2j-qxfj-q4pv

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

1 month ago

UPDATED

1 month ago

ADVISORY ID

CGA-3vx6-q5qp-m6rf

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

1 month ago

UPDATED

1 month ago

ADVISORY ID

CGA-8c58-5whr-g66c

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

1 month ago

UPDATED

1 month ago

ADVISORY ID

CGA-ppjr-xg6m-j5q7

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

29 days ago

UPDATED

29 days ago

ADVISORY ID

MINI-2c5m-993x-qm5c

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

28 days ago

UPDATED

28 days ago

ADVISORY ID

MINI-5xfv-mxrp-2398

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

24 days ago

UPDATED

24 days ago

ADVISORY ID

MINI-6rcv-3f27-mm2c

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

1 month ago

UPDATED

1 month ago

ADVISORY ID

MINI-6w7c-q497-w62r

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

24 days ago

UPDATED

24 days ago

ADVISORY ID

MINI-792f-qvxj-w9vg

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

29 days ago

UPDATED

29 days ago

ADVISORY ID

MINI-89hp-c6x4-7rjg

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

7 days ago

UPDATED

7 days ago

ADVISORY ID

MINI-9rvg-qpvg-hhr9

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

25 days ago

UPDATED

25 days ago

ADVISORY ID

MINI-g3fh-8cvg-fx39

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

24 days ago

UPDATED

24 days ago

ADVISORY ID

MINI-pccj-g5qh-mhwm

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

10 days ago

UPDATED

10 days ago

ADVISORY ID

MINI-q65h-hq3h-pgm7

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

24 days ago

UPDATED

24 days ago

ADVISORY ID

MINI-qwq2-mxfj-p482

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

14 days ago

UPDATED

14 days ago

ADVISORY ID

MINI-wvc9-cqfp-7825

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

17 days ago

UPDATED

17 days ago

ADVISORY ID

MINI-x84v-3g64-q5gq

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY