- Describe your incident:
We are using Graylog 7.0.0 with MongoDB: 7.0.25 and Opensearch: 2.19.3. Recently we observed CVE-2025-9624 which says A vulnerability in OpenSearch allows attackers to cause Denial of Service (DoS) by submitting complex query_string inputs. This issue affects all OpenSearch versions below 3.2.0.
And as per metrics Compatibility Matrix
Graylog 7.0.0 supports till Opensearch 2.19.3
Can someone please guide on above query?
- Describe your environment:
Docker Container on Kubernetes
OS Information: Debian Trixie
Package Version:7.0.0
-
What steps have you already taken to try and solve the problem?
None, just want to confirmation on cve -
How can the community help?
We are using Graylog 7.0.0 with MongoDB: 7.0.25 and Opensearch: 2.19.3. Recently we observed CVE-2025-9624 which says A vulnerability in OpenSearch allows attackers to cause Denial of Service (DoS) by submitting complex query_string inputs. This issue affects all OpenSearch versions below 3.2.0.
And as per metrics Compatibility Matrix
Graylog 7.0.0 supports till Opensearch 2.19.3
Can someone please guide on above query?
Regards,
shadowfax