kibana-7-advanced

Direct Vulnerabilities

Known vulnerabilities in the kibana-7-advanced package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
L CVE-2026-44979	*
L CVE-2026-44974	*
L CVE-2026-46625	*
H Use of Uninitialized Resource	*
L Resource Exhaustion	*
M Cross-site Scripting (XSS)	*
H Server-Side Request Forgery (SSRF)	*
L Allocation of Resources Without Limits or Throttling	*
L HTTP Response Splitting	*
L Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	*
L Permissive Whitelist	*
L CRLF Injection	*
L Improper Encoding or Escaping of Output	*
H Uncontrolled Recursion	*
C Improperly Controlled Modification of Dynamically-Determined Object Attributes	*
C Permissive Whitelist	*
M Improper Authentication	*
L Allocation of Resources Without Limits or Throttling	*
C Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	*
H Out-of-bounds Write	*
L CVE-2026-5758	*
L GHSA-rp42-5vxx-qpwr	*
L GHSA-r4q5-vmmm-2653	*
M HTTP Response Splitting	*
L GHSA-6v7q-wjvx-w8wg	*
C Unintended Proxy or Intermediary ('Confused Deputy')	*
L GHSA-vvjj-xcjg-gr5g	*
L Resource Exhaustion	*
L Arbitrary Code Injection	*
H Resource Exhaustion	*
L Arbitrary Code Injection	*
L GHSA-c7w3-x93f-qmm8	*
L Inefficient Regular Expression Complexity	*
L Improper Input Validation	*
H Cross-site Scripting (XSS)	*
L GHSA-442j-39wm-28r2	*
L GHSA-7rx3-28cr-v5wh	*
L Arbitrary Code Injection	*
C Improper Certificate Validation	*
M CVE-2026-2950	*
C CVE-2026-4800	*
H Inefficient Regular Expression Complexity	*
L Loop with Unreachable Exit Condition ('Infinite Loop')	*
L Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	*
L Improper Check for Unusual or Exceptional Conditions	*
L Improper Verification of Cryptographic Signature	*
M Cross-site Scripting (XSS)	*
M Off-by-one Error	*
M Directory Traversal	*
M Directory Traversal	*
L CVE-2026-3449	*
L Inefficient Regular Expression Complexity	*
L Algorithmic Complexity	*
M CVE-2025-25012	<7.17.29-r0
H CVE-2026-0528	<7.17.29-r0
C Directory Traversal	*
M Improperly Implemented Security Check for Standard	*
L CVE-2025-68389	*
M CVE-2025-25018	*
M CVE-2025-68385	*
M CVE-2025-25009	*
L CVE-2026-0531	*
L CVE-2025-68422	*
L CVE-2025-37732	*
L CVE-2026-0530	*
L CVE-2025-68387	*
M CVE-2025-25017	*
M CVE-2024-23443	*
L CVE-2025-68386	*
L CVE-2025-37728	*
L Allocation of Resources Without Limits or Throttling	*
L CVE-2026-0532	*
H Inefficient Regular Expression Complexity	*
H Directory Traversal	*
H CVE-2026-2327	*
L Improper Check for Unusual or Exceptional Conditions	*
M CVE-2025-13465	*
L Directory Traversal	*
M Improper Handling of Unicode Encoding	*
L CVE-2025-7783	*
L Directory Traversal	*
L CVE-2025-12816	*
L GHSA-rcmh-qjqh-p98v	*
L Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	*
H Improper Check or Handling of Exceptional Conditions	*
L Allocation of Resources Without Limits or Throttling	*
H Uncontrolled Recursion	*
M Integer Overflow or Wraparound	*
M Directory Traversal	*
M Cross-site Scripting (XSS)	*
H Improper Validation of Syntactic Correctness of Input	*

Vulnerability

Vulnerable Version

CVE-2026-44979