CVE-2025-9624 Doubts

shadowfax · December 3, 2025, 10:05am

Versions (relevant - OpenSearch/Dashboard/Server OS/Browser):

Opensearch: 2.19.3

Describe the issue: We are facing CV CVE-2025-9624 and we are using Graylog with Opensearch: 2.19.3. What should be done to resolve the issue

Configuration: OS Information: Debian Trixie

Regards,

shadowfax

pablo · December 4, 2025, 9:44am

@shadowfax This CVE has been already reported in OpenSearch GitHub.

github.com/opensearch-project/OpenSearch

[BUG] CVE-2025-9624：A vulnerability in OpenSearch allows attackers to cause Denial of Service (DoS) by submitting complex query_string inputs.

opened 02:19AM - 01 Dec 25 UTC

closed 07:46PM - 01 Dec 25 UTC

EddyZhang7

bug untriaged Other

### Describe the bug Currently, CVE-2025-9624 is only resolved in version 3.2.0…. However, upgrading to version 3.2.x necessitates updating the JDK from 17 to 21, which would significantly impact projects. Version 2.19.x seems to be a long-term support version; are you considering addressing this issue? ### Related component Other ### To Reproduce 1. Go to '...' 2. Click on '....' 3. Scroll down to '....' 4. See error ### Expected behavior Hopefully, version 2.19.x will fix this CVE: CVE-2025-9624. ### Additional Details **Plugins** Please list all plugins currently enabled. **Screenshots** If applicable, add screenshots to help explain your problem. **Host/Environment (please complete the following information):** - OS: [e.g. iOS] - Version [e.g. 22] **Additional context** Add any other context about the problem here.

Topic		Replies	Views
Facing issue with OpenSearch image vulnerabilities OpenSearch cve , security-issue	2	861	January 26, 2023
I Geeting some vulnerability issue in opensearchproject/opensearch-Dashboard:2.8.0 docker Image OpenSearch releases , cve , security-issue	2	347	June 22, 2023
I Geeting some vulnerability issue in opensearchproject/opensearch:2.8.0 docker Image. Image, OpenSearch releases , cve , security-issue	0	352	June 19, 2023
Facing issue with OpenSearch Logstash image Vulnerabilities OpenSearch cve , security-issue	2	411	March 3, 2023
Facing issue with OpenSearch image vulnerabilities of OpenSearch Dashboard Security troubleshoot , cve	3	436	April 18, 2023

CVE-2025-9624 Doubts

Related topics