kibana
| Link | package | bugs open | bugs closed | Wiki | GitHub | web search |
| Description | Browser based analytics and search dashboard for Elasticsearch |
| Version | 7.4.2-1 [community] |
Resolved
| Group | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|
| AVG-911 | 6.6.0-2 | 6.6.1-1 | High | Fixed |
| Issue | Group | Severity | Remote | Type | Description |
|---|---|---|---|---|---|
| CVE-2019-7610 | AVG-911 | High | Yes | Arbitrary code execution | Kibana versions before 5.6.15 and 6.6.1 contain an arbitrary code execution flaw in the security audit logger. If a Kibana instance has the setting... |
| CVE-2019-7609 | AVG-911 | High | Yes | Arbitrary code execution | Kibana versions before 5.6.15 and 6.6.1 contain an arbitrary code execution flaw in the Timelion visualizer. An attacker with access to the Timelion... |
| CVE-2019-7608 | AVG-911 | High | Yes | Information disclosure | Kibana versions before 5.6.15 and 6.6.1 had a cross-site scripting (XSS) vulnerability that could allow an attacker to obtain sensitive information from, or... |
Advisories
| Date | Advisory | Group | Severity | Description |
|---|---|---|---|---|
| 25 Feb 2019 | ASA-201902-26 | AVG-911 | High | multiple issues |