Homepage

kibana vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the kibana package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • M
Open Redirect

*
  • M
CVE-2024-37279

*
  • M
Information Exposure

*
  • M
Cross-site Scripting (XSS)

*
  • M
Cross-site Scripting (XSS)

*
  • L
Information Exposure

<0:4.6.4-4.el7
  • M
Improperly Controlled Modification of Dynamically-Determined Object Attributes

*
  • C
Authentication Bypass by Primary Weakness

<0:5.6.12-1.el7
  • H
Incomplete Blacklist

<0:4.6.4-3.el7
  • H
Cross-site Request Forgery (CSRF)

<0:4.6.4-3.el7
  • M
Improper Input Validation

<0:4.6.4-4.el7
  • H
Cross-site Request Forgery (CSRF)

<0:4.6.4-3.el7
  • M
Improper Authentication

<0:4.6.4-3.el7
  • H
Improper Authentication

<0:4.6.4-3.el7
  • M
Improper Authorization

<0:4.6.4-4.el7
  • C
Cross-site Scripting (XSS)

<0:5.6.12-1.el7
  • M
Cross-site Scripting (XSS)

<0:4.1.11-1.el7
  • M
Cross-site Scripting (XSS)

<0:4.1.11-1.el7
  • L
Resource Exhaustion

*
  • L
Resource Exhaustion

*
  • L
Resource Exhaustion

*
  • M
Cross-site Request Forgery (CSRF)

*
  • M
Information Exposure Through Log Files

<0:4.1.11-1.el7
  • M
Information Exposure Through Log Files

*
  • M
Information Exposure Through Log Files

*
  • M
Information Exposure Through Log Files

<0:4.1.11-1.el7
  • M
Information Exposure Through Log Files

*
  • M
Open Redirect

*
  • M
Open Redirect

*
  • M
Open Redirect

*
  • M
Cross-site Scripting (XSS)

*
  • M
Cross-site Scripting (XSS)

*
  • M
Cross-site Scripting (XSS)

*
  • M
Cross-site Scripting (XSS)

*
  • M
Cross-site Scripting (XSS)

*
  • M
Cross-site Scripting (XSS)

*
  • M
Cross-site Scripting (XSS)

*
  • M
Cross-site Scripting (XSS)

*
  • M
Cross-site Scripting (XSS)

*
  • L
Resource Exhaustion

*
  • M
Cross-site Scripting (XSS)

*
  • M
Missing Authorization

*
  • M
Cross-site Scripting (XSS)

*
  • M
Cross-site Scripting (XSS)

*
  • M
Improper Input Validation

*
  • M
Open Redirect

*
  • M
Cross-site Scripting (XSS)

*
  • H
Information Exposure

<0:5.6.13-1.el7
  • H
Session Fixation

<0:5.6.13-1.el7
  • H
Resource Exhaustion

<0:5.6.13-1.el7
  • H
Information Exposure

<0:5.6.13-1.el7
  • H
Improper Authentication

<0:5.6.13-1.el7
  • H
Improper Input Validation

<0:5.6.13-1.el7
  • H
Cross-site Scripting (XSS)

<0:5.6.13-1.el7
  • H
Directory Traversal

<0:5.6.13-1.el7
  • L
Resource Exhaustion

*
  • L
Improper Input Validation

*
  • L
Improper Input Validation

*
  • M
Access of Resource Using Incompatible Type ('Type Confusion')

*
  • M
Access of Resource Using Incompatible Type ('Type Confusion')

*
  • L
Open Redirect

*
  • L
Open Redirect

*
  • L
Resource Exhaustion

*
  • L
Resource Exhaustion

*
  • M
Cross-site Scripting (XSS)

*
  • L
Cross-site Scripting (XSS)

*
  • M
Cross-site Scripting (XSS)

*
  • M
Cross-site Scripting (XSS)

*
  • M
Arbitrary Code Injection

*
  • M
Arbitrary Code Injection

*
  • M
Out-of-bounds Read

*
  • M
Out-of-bounds Read

*
  • L
Resource Exhaustion

*
  • L
Resource Exhaustion

*
  • M
Cross-site Scripting (XSS)

*
  • M
Cross-site Scripting (XSS)

*
  • M
Cross-site Scripting (XSS)

*
  • M
Cross-site Scripting (XSS)

*
  • M
OS Command Injection

*
  • M
OS Command Injection

*
  • M
Resource Exhaustion

*
  • M
Resource Exhaustion

*
  • L
Resource Exhaustion

*
  • L
Cross-site Request Forgery (CSRF)

*
  • L
Cross-site Request Forgery (CSRF)

*
  • L
Cross-site Request Forgery (CSRF)

*
  • L
Cross-site Request Forgery (CSRF)

*
  • L
Cross-site Request Forgery (CSRF)

*
  • L
Cross-site Request Forgery (CSRF)

*
  • L
Cross-site Request Forgery (CSRF)

*
  • L
Cross-site Request Forgery (CSRF)

*
  • L
Resource Exhaustion

*
  • L
Resource Exhaustion

*
  • L
Improperly Implemented Security Check for Standard

*
  • L
Improperly Implemented Security Check for Standard

*
  • L
Resource Exhaustion

*
  • L
Resource Exhaustion

*
  • L
Resource Exhaustion

*
  • L
Resource Exhaustion

*
  • M
Improper Input Validation

*
  • M
Improper Input Validation

*
  • M
Improper Input Validation

*
  • M
Improper Input Validation

*
  • M
Resource Exhaustion

*
  • M
Resource Exhaustion

*
  • L
Modification of Assumed-Immutable Data (MAID)

*
  • L
Modification of Assumed-Immutable Data (MAID)

*
  • M
Improper Input Validation

*
  • M
Improper Input Validation

*
  • H
Improper Input Validation

<0:5.6.16-2.el7
  • H
Improper Input Validation

*
  • H
Improper Input Validation

<0:5.6.16-2.el7
  • H
Cross-site Scripting (XSS)

<0:5.6.16-2.el7
  • M
Cross-site Scripting (XSS)

*
  • M
Resource Exhaustion

*
  • L
Resource Exhaustion

*
  • L
Resource Exhaustion

*
  • M
Modification of Assumed-Immutable Data (MAID)

*
  • M
Modification of Assumed-Immutable Data (MAID)

*
  • L
Modification of Assumed-Immutable Data (MAID)

*
  • L
Modification of Assumed-Immutable Data (MAID)

*
  • M
Improper Input Validation

*
  • L
Arbitrary Code Injection

*
  • L
Arbitrary Code Injection

*
  • L
Arbitrary Code Injection

*
  • L
Arbitrary Code Injection

*
  • M
Improper Input Validation

*
  • M
Files or Directories Accessible to External Parties

*
  • M
Files or Directories Accessible to External Parties

*
  • C
Out-of-Bounds

<0:5.6.12-1.el7