Fabre

#1121416 opensearch: CVE-2025-9624 #1121416

Package:: src:opensearch

Source:: src:opensearch

Submitter:: Salvatore Bonaccorso

Date:: 2025-11-26 07:43:03 UTC

Severity:: normal

Tags:

#1121416#5

Date:: 2025-11-26 07:38:20 UTC

From:

To:

Hi,

The following vulnerability was published for opensearch.

CVE-2025-9624[0]:
| A vulnerability in OpenSearch allows attackers to cause Denial of
| Service (DoS) by submitting complex query_string inputs.    This
| issue affects all OpenSearch versions below 3.2.0.

According to the upstream information this should be fixed in the
3.3.0 version onwards.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2025-9624
https://www.cve.org/CVERecord?id=CVE-2025-9624

Regards,
Salvatore

#1121416 opensearch: CVE-2025-9624 #1121416

Just Reply to ...

Reply to submitter ...

Send control command (Silently)

Set Architecture Tags (Silently)