kibana-9.2-config vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the kibana-9.2-config package. This does not include vulnerabilities belonging to this package’s dependencies.

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Vulnerability	Vulnerable Version
L Improper Check for Unusual or Exceptional Conditions	*
L Server-Side Request Forgery (SSRF)	*
L Race Condition	*
L Server-Side Request Forgery (SSRF)	<9.2.5-r0
M CVE-2025-13465	*
M Improper Handling of Unicode Encoding	<9.2.5-r0
L Directory Traversal	*
L Improper Input Validation	*
L GHSA-6475-r3vj-m8vf	*
H Inefficient Regular Expression Complexity	<9.2.5-r0
H Allocation of Resources Without Limits or Throttling	<9.2.5-r0
M Directory Traversal	<9.2.5-r0
L CVE-2025-15284	*
C Deserialization of Untrusted Data	<9.2.5-r0
H Improper Check or Handling of Exceptional Conditions	<9.2.3-r0
L Improper Verification of Cryptographic Signature	<9.2.3-r0
L Insecure Default Initialization of Resource	<9.2.3-r0
L Improperly Controlled Modification of Dynamically-Determined Object Attributes	*
L CVE-2025-12816	<9.2.3-r0
L GHSA-rcmh-qjqh-p98v	<9.2.3-r0
M Integer Overflow or Wraparound	<9.2.3-r0
H Uncontrolled Recursion	<9.2.3-r0
L CVE-2025-13466	<9.2.2-r0
L CVE-2025-13204	<9.2.5-r0
L Race Condition	<9.2.2-r0
L Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	<9.2.2-r0
L OS Command Injection	<9.2.1-r0
L Arbitrary Code Injection	<9.2.5-r0
M CVE-2025-48985	<9.2.3-r0
L CVE-2025-9910	<9.2.3-r0
M Cross-site Scripting (XSS)	*