Logstash 8.15.3, 8.16.0 Security Update (ESA-2024-48)

ismisepaul · April 8, 2025, 3:58pm

Logstash Inefficient Regular Expression Complexity (ESA-2024-48)

On October 28th, 2024, Ruby announced CVE-2024-49761 in rexml which can lead to ReDoS when parsing XML that has many digits between &# and x...; in a hex numeric character reference (&#x...;).

The issue only affects users that use the Logstash XML filter plugin, that can parse untrusted XML data.

Affected Versions:
Logstash versions 7.0.0 <= 8.15.2

Solutions and Mitigations:
The issue is resolved in version 8.15.3, 8.16.0 and higher.

Severity: CVSSv3.1: 5.3(Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE ID: CVE-2024-49761

Topic		Replies	Views
Logstash 8.15.1 Security Update (ESA-2024-35) Security Announcements	0	366	April 8, 2025
CVE-2022-1471 Still Applicable in latest 7.* and 8. *, not listed on Security Issues Page Endpoint Security elastic-stack-security	4	933	October 12, 2023
Elastic Stack 6.1.2 and 5.6.6 security update Security Announcements	1	13547	November 4, 2022
Elasticsearch 7.13.3 and 6.8.17 Security Update Security Announcements	1	14606	November 4, 2022
Logstash is affected by Apache Log4j2 2.17.0 Vulnerability CVE-2021-44832? Logstash	4	2425	February 3, 2022

Logstash 8.15.3, 8.16.0 Security Update (ESA-2024-48)

Related topics