Known vulnerabilities in the com.floragunn:search-guard-kibana-plugin package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability Vulnerable Version

Vulnerability	Vulnerable Version
M URL Injection com.floragunn:search-guard-kibana-plugin is a Search Guard Kibana Plugin for Elasticsearch 6. Affected versions of this package are vulnerable to URL Injection. The code allows URL injection for login redirects on the login page when basePath is set. How to fix URL Injection? Upgrade `com.floragunn:search-guard-kibana-plugin` to version 6.3.0-16, 6.3.1-16, 6.3.2-16, 6.4.0-16, 6.4.1-16, 6.4.2-16, 6.4.3-16 or higher.	[,6.3.0-16)[6.3.1-14,6.3.1-16)[6.3.2-14,6.3.2-16)[6.4.0-14,6.4.0-16)[6.4.1-15,6.4.1-16)[6.4.2-15,6.4.2-16)[6.4.3-15,6.4.3-16)

URL Injection

com.floragunn:search-guard-kibana-plugin is a Search Guard Kibana Plugin for Elasticsearch 6.

Affected versions of this package are vulnerable to URL Injection. The code allows URL injection for login redirects on the login page when basePath is set.

How to fix URL Injection?

Upgrade com.floragunn:search-guard-kibana-plugin to version 6.3.0-16, 6.3.1-16, 6.3.2-16, 6.4.0-16, 6.4.1-16, 6.4.2-16, 6.4.3-16 or higher.

[,6.3.0-16)[6.3.1-14,6.3.1-16)[6.3.2-14,6.3.2-16)[6.4.0-14,6.4.0-16)[6.4.1-15,6.4.1-16)[6.4.2-15,6.4.2-16)[6.4.3-15,6.4.3-16)

Go back to all versions of this package