AVG-911 log
| Package | kibana |
| Status | Fixed |
| Severity | High |
| Type | multiple issues |
| Affected | 6.6.0-2 |
| Fixed | 6.6.1-1 |
| Current | Removed |
| Ticket | None |
| Created | Thu Feb 21 12:51:58 2019 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2019-7610 | High | Yes | Arbitrary code execution | Kibana versions before 5.6.15 and 6.6.1 contain an arbitrary code execution flaw in the security audit logger. If a Kibana instance has the setting... |
| CVE-2019-7609 | High | Yes | Arbitrary code execution | Kibana versions before 5.6.15 and 6.6.1 contain an arbitrary code execution flaw in the Timelion visualizer. An attacker with access to the Timelion... |
| CVE-2019-7608 | High | Yes | Information disclosure | Kibana versions before 5.6.15 and 6.6.1 had a cross-site scripting (XSS) vulnerability that could allow an attacker to obtain sensitive information from, or... |
| Date | Advisory | Package | Type |
|---|---|---|---|
| 25 Feb 2019 | ASA-201902-26 | kibana | multiple issues |