kibana-9.3-oci-entrypoint

Direct Vulnerabilities

Known vulnerabilities in the kibana-9.3-oci-entrypoint package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free
VulnerabilityVulnerable Version
  • L
CVE-2026-33464

<9.3.6-r0
  • M
CVE-2026-42401

<9.3.5-r0
  • L
CVE-2026-42398

<9.3.2-r1
  • L
CVE-2026-42400

<9.3.5-r0
  • H
CVE-2026-33462

<9.3.5-r0
  • L
CVE-2026-49095

<9.3.5-r0
  • L
CVE-2026-33463

<9.3.5-r0
  • L
CVE-2026-42399

<9.3.5-r0
  • H
CVE-2026-49093

<9.3.3-r0
  • M
Cross-site Scripting (XSS)

*
  • L
GHSA-v8w9-8mx6-g223

<9.3.4-r0
  • L
Loop with Unreachable Exit Condition ('Infinite Loop')

<9.3.4-r0
  • H
Resource Exhaustion

<9.3.4-r0
  • L
Improper Verification of Cryptographic Signature

<9.3.4-r0
  • L
Improper Input Validation

<9.3.4-r0
  • L
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

<9.3.4-r0
  • C
Improper Certificate Validation

<9.3.4-r0
  • L
Inefficient Regular Expression Complexity

<9.3.4-r0
  • L
GHSA-7rx3-28cr-v5wh

<9.3.4-r0
  • H
Cross-site Scripting (XSS)

<9.3.4-r0
  • L
Arbitrary Code Injection

<9.3.4-r0
  • L
Improper Check for Unusual or Exceptional Conditions

<9.3.4-r0
  • L
GHSA-442j-39wm-28r2

<9.3.4-r0
  • L
Arbitrary Code Injection

<9.3.4-r0
  • L
Arbitrary Code Injection

<9.3.4-r0
  • L
CVE-2026-4923

<9.3.4-r0
  • L
CVE-2026-4926

<9.3.4-r0
  • L
Directory Traversal

<9.3.4-r0
  • L
Improper Input Validation

<9.3.4-r0
  • L
GHSA-26pp-8wgv-hjvm

<9.3.4-r0
  • M
Directory Traversal

<9.3.4-r0
  • H
CVE-2026-39412

<9.3.4-r0
  • L
CRLF Injection

<9.3.4-r0
  • H
Inefficient Regular Expression Complexity

<9.3.4-r0
  • H
Symlink Following

<9.3.4-r0
  • L
Directory Traversal

<9.3.4-r0
  • M
Resource Exhaustion

<9.3.4-r0
  • H
Directory Traversal

<9.3.4-r0
  • M
Incorrect Behavior Order: Validate Before Canonicalize

<9.3.4-r0
  • L
GHSA-458j-xx4x-4375

<9.3.4-r0
  • M
HTTP Response Splitting

<9.3.4-r0
  • C
Unintended Proxy or Intermediary ('Confused Deputy')

<9.3.4-r0
  • L
XML Injection

*
  • L
GHSA-w5hq-g745-h8pq

*
  • H
CVE-2026-33458

<9.3.3-r0
  • L
CVE-2026-33459

<9.3.3-r0
  • L
CVE-2026-33460

<9.3.3-r0
  • M
CVE-2026-33461

<9.3.3-r0
  • L
CVE-2026-4498

<9.3.3-r0
  • L
Improper Input Validation

<9.3.3-r0
  • L
Improper Input Validation

<9.3.3-r0
  • L
Resource Exhaustion

<9.3.2-r1
  • L
Improper Validation of Specified Quantity in Input

<9.3.3-r0
  • L
Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')

<9.3.3-r0
  • L
GHSA-cj63-jhhr-wcxv

<9.3.2-r1
  • L
GHSA-cjmm-f4jc-qw8r

<9.3.2-r1
  • L
GHSA-h8r8-wccr-v5f2

<9.3.2-r1
  • M
CVE-2026-26940

<9.3.2-r1
  • L
CVE-2026-26939

<9.3.1-r0
  • M
Off-by-one Error

<9.3.2-r1
  • L
Incorrect Authorization

<9.3.2-r1
  • H
Directory Traversal

<9.3.3-r0
  • M
Cross-site Scripting (XSS)

<9.3.2-r1
  • M
Directory Traversal

<9.3.2-r1
  • M
Directory Traversal

<9.3.2-r1
  • H
CVE-2026-26938

<9.3.1-r0
  • L
Inefficient Regular Expression Complexity

<9.3.2-r1
  • H
CVE-2026-26935

<9.3.1-r0
  • L
Algorithmic Complexity

<9.3.2-r1
  • L
CVE-2026-26934

<9.3.1-r0
  • H
Buffer Overflow

<9.3.3-r0
  • C
Directory Traversal

<9.3.2-r1
  • L
Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')

<9.3.1-r0
  • H
Directory Traversal

<9.3.1-r0
  • L
Incorrect Regular Expression

<9.3.1-r0
  • L
Inefficient Regular Expression Complexity

<9.3.2-r1
  • H
Inefficient Regular Expression Complexity

<9.3.2-r1
  • H
CVE-2026-2391

<9.3.2-r1
  • L
CVE-2026-2739

*
  • H
CVE-2026-2327

<9.3.2-r1
  • L
Race Condition

<9.3.2-r1
  • L
Improper Check for Unusual or Exceptional Conditions

<9.3.2-r1
  • L
GHSA-6475-r3vj-m8vf

<9.3.1-r0
  • M
CVE-2025-13465

<9.3.1-r0
  • L
Improper Input Validation

<9.3.1-r0
  • L
CVE-2025-15284

<9.3.2-r1
  • L
Server-Side Request Forgery (SSRF)

<9.3.4-r0
  • L
OS Command Injection

<9.3.3-r0
  • M
Cross-site Scripting (XSS)

*
  • L
Directory Traversal

<9.3.1-r0
  • C
Deserialization of Untrusted Data

<9.3.4-r0