AVG-1210 log

Package	kibana
Status	Fixed
Severity	High
Type	multiple issues
Affected	7.8.0-1
Fixed	7.9.1-1
Current	Removed
Ticket	None
Created	Wed Jul 29 20:52:47 2020

Issue	Severity	Remote	Type	Description
CVE-2020-7017	High	Yes	Content spoofing	In Kibana versions before 6.8.11 and 7.8.1 the region map visualization in contains a stored XSS flaw. An attacker who is able to edit or create a region...
CVE-2020-7016	Medium	Yes	Denial of service	Kibana versions before 6.8.11 and 7.8.1 contain a denial of service (DoS) flaw in Timelion. An attacker can construct a URL that when viewed by a Kibana...

Issue

Severity

Remote

Type

Description

CVE-2020-7017

High

Yes

Content spoofing

In Kibana versions before 6.8.11 and 7.8.1 the region map visualization in contains a stored XSS flaw. An attacker who is able to edit or create a region...

CVE-2020-7016

Medium

Yes

Denial of service

Kibana versions before 6.8.11 and 7.8.1 contain a denial of service (DoS) flaw in Timelion. An attacker can construct a URL that when viewed by a Kibana...