{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-16T23:52:49.040","vulnerabilities":[{"cve":{"id":"CVE-2025-68388","sourceIdentifier":"security@elastic.co","published":"2025-12-18T22:16:02.683","lastModified":"2025-12-23T17:43:47.567","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Allocation of resources without limits or throttling (CWE-770) allows an unauthenticated remote attacker to cause excessive allocation (CAPEC-130) of memory and CPU via the integration of malicious IPv4 fragments, leading to a degradation in Packetbeat."}],"metrics":{"cvssMetricV31":[{"source":"security@elastic.co","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":1.4}]},"weaknesses":[{"source":"security@elastic.co","type":"Secondary","description":[{"lang":"en","value":"CWE-770"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:elasticsearch:packetbeat:*:*:*:*:*:*:*:*","versionStartIncluding":"8.6.0","versionEndExcluding":"8.19.9","matchCriteriaId":"FE1B8D89-6838-4BB0-9E8F-5770F3D896A0"},{"vulnerable":true,"criteria":"cpe:2.3:a:elasticsearch:packetbeat:*:*:*:*:*:*:*:*","versionStartIncluding":"9.0.0","versionEndExcluding":"9.1.9","matchCriteriaId":"D24C565F-FB26-4D8D-9963-58E77B7F7557"},{"vulnerable":true,"criteria":"cpe:2.3:a:elasticsearch:packetbeat:*:*:*:*:*:*:*:*","versionStartIncluding":"9.2.0","versionEndExcluding":"9.2.3","matchCriteriaId":"7BFB3597-387F-439B-8AE2-AA97239DAE49"}]}]}],"references":[{"url":"https://discuss.elastic.co/t/packetbeat-8-19-9-9-1-9-and-9-2-3-security-update-esa-2025-29/384177","source":"security@elastic.co","tags":["Vendor Advisory"]}]}}]}