AVG-1570 log

Package kibana
Status Vulnerable
Severity High
Type multiple issues
Affected 7.10.1-1
Fixed Unknown
Current 7.10.1-1 [community]
Ticket FS#70038
Created Mon Feb 15 14:08:57 2021
Issue Severity Remote Type Description
CVE-2021-22139 Medium Yes Denial of service
A denial of service vulnerability was found in the Kibana webhook actions due to a lack of timeout or a limit on the request size. An attacker with...
CVE-2021-22136 Medium Yes Incorrect calculation
A flaw in Kibana versions before 7.12.0 and 6.8.15 was discovered where the xpack.security.session.idleTimeout setting is not being respected. This was...
CVE-2020-26296 High Yes Cross-site scripting
The Kibana “Vega” visualization type is susceptible to both stored and reflected cross-site scripting (XSS) via a vulnerable version of the Vega library....