Homepage

kibana vulnerabilities

Kibana is an open source (Apache Licensed), browser based analytics and search dashboard for Elasticsearch. Kibana is a snap to setup and start using. Kibana strives to be easy to get started with, while also being flexible and powerful, just like Elastic

  • latest version

    5.1.1

  • first published

    7 years ago

  • latest version published

    7 years ago

  • deprecated

    Package is deprecated

  • licenses detected

  • View kibana package health on Snyk Advisor  (opens in a new tab)
    • Report a new vulnerability Found a mistake?

    Direct Vulnerabilities

    Known vulnerabilities in the kibana package. This does not include vulnerabilities belonging to this package’s dependencies.

    How to fix?

    Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

    Fix for free
    VulnerabilityVulnerable Version
    • C
    Deserialization of Untrusted Data

    >=8.10.0 <8.15.1
    • C
    Deserialization of Untrusted Data

    >=8.15.0 <8.15.1
    • H
    Prototype Pollution

    >=7.7.0 <7.17.23>=8.0.0 <8.14.2
    • H
    Denial of Service (DoS)

    >=7.0.0 <7.17.23>=8.0.0 <8.14.0
    • M
    Allocation of Resources Without Limits or Throttling

    <7.17.22>=8.0.0-alpha1 <8.14.0
    • M
    URL Redirection to Untrusted Site ('Open Redirect')

    <7.17.22>=8.0.0-alpha1 <8.14.0
    • M
    Uncontrolled Resource Consumption

    >=8.6.3 <8.14.0
    • M
    Improper Access Control

    >=8.0.0 <8.12.1
    • H
    Insertion of Sensitive Information into Log File

    >=7.13.0 <7.17.16>=8.0.0 <8.11.2
    • H
    Information Exposure Through Log Files

    >=8.0.0 <8.11.1
    • M
    Use of Unmaintained Third Party Components

    >=7.0.0 <7.13.0
    • M
    Arbitrary Code Injection

    >=7.10.2 <7.14.0
    • L
    Directory Traversal

    >=7.9.0 <7.14.1
    • C
    Insertion of Sensitive Information into Log File

    >=8.10.0 <8.10.1
    • M
    Cleartext Transmission of Sensitive Information

    >=7.8.0 <7.15.2
    • H
    Denial of Service (DoS)

    >=7.0.0 <7.17.9>=8.0.0 <8.6.1
    • C
    Arbitrary Code Injection

    >=8.7.0 <8.7.1
    • H
    Arbitrary Code Injection

    >=8.0.0 <8.7.1
    • M
    Improper Input Validation

    >=7.10.2 <7.14.1
    • M
    Open Redirect

    <6.8.16>=7.0.0 <7.13.0
    • M
    Prototype Pollution

    >=6.7.0 <6.8.9>=7.0.0 <7.6.3
    • M
    Prototype Pollution

    <6.8.9<7.7.0
    • C
    Cross-site Scripting (XSS)

    <6.8.10>=7.7.0 <7.7.1
    • M
    Information Exposure

    >=5.0.0 <5.0.2
    • M
    Cross-site Request Forgery (CSRF)

    <4.1.3>=4.2.0 <4.2.1
    • M
    Cross-site Scripting (XSS)

    >=4.1.0 <4.1.11>=4.5.0 <4.5.4
    • M
    Cross-site Scripting (XSS)

    >=4.3.0 <4.6.2
    • M
    Open Redirect

    <4.6.2>=5.0.0 <5.0.1
    • M
    Arbitrary Command Execution

    <5.3.13>=6.4.0 <6.4.3
    • M
    Cross-site Scripting (XSS)

    >=5.1.1 <5.6.6>=6.0.0 <6.1.2
    • H
    Denial of Service (DoS)

    >=5.0.0 <5.2.1
    • M
    Cross-site Scripting (XSS)

    <5.4.1
    • M
    Cross-site Scripting (XSS)

    >=6.1.0 <6.1.3
    • M
    Open Redirect

    >=5.1.1 <5.6.7>=6.0.0 <6.1.3
    • M
    Cross-site Scripting (XSS)

    >=5.1.1 <5.6.7>=6.0.0 <6.1.3
    • M
    Cross-site Scripting (XSS)

    <5.6.5>=6 <6.0.1
    • M
    Open Redirect

    <5.6.5>=6 <6.0.1
    • M
    Open Redirect

    <5.3.1
    • H
    Denial of Service (DoS)

    <5.2.1
    • M
    Cross-site Scripting (XSS)

    >=5.3.0 <5.3.3>=5.4.0 <5.4.1
    • M
    Information Exposure

    <5.4.3
    • M
    Cross-site Scripting (XSS)

    <5.6.1
    • M
    Cross-site Scripting (XSS)

    <5.0.0-alpha5

    Package versions

    1 - 1 of 1 Results
    versionpublisheddirect vulnerabilities
    5.1.16 Jun, 2017
    • 1
      C
    • 2
      H
    • 14
      M
    • 0
      L