kibana is an open source (Apache Licensed), browser-based analytics and search dashboard for Elasticsearch.

Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the parsing of a YAML document in the fleet plugin. An attacker can execute arbitrary code by supplying a crafted payload.

Note:

This is only exploitable if the attacker has specific Elasticsearch indices privileges and Kibana privileges:

1. Elasticsearch indices privileges: write privilege on the system indices .kibana_ingest and the allow_restricted_indices flag set to true;

2. Any of the following Kibana privileges: All privilege under Fleet, Read or Allprivilege under Integration, or access to thefleet-setup` privilege through the Fleet Server’s service account token.

python-openstackclient is an OpenStack Command-line Client

Affected versions of this package are vulnerable to Race Condition due to an improper handling of non-existing identifiers. An attacker can inadvertently cause the deletion of valid access rules by attempting to delete non-existent ones.

io.undertow:undertow-core is a Java web server based on non-blocking IO.

Affected versions of this package are vulnerable to HTTP Request Smuggling due to the interaction of quotation marks and delimiters in the parseCookie() function. An attacker can exfiltrate HttpOnly cookie values or smuggle extra cookie values.