Lucene search
K

13 matches found

CVE
CVE
added 2026/07/01 4:59 p.m.14 views

CVE-2026-49088

Kibana security advisory CVE-2026-49088 describes that when optional APM instrumentation is enabled, sensitive request header values may be logged in application logs, risking information disclosure (CWE-532). Affected versions include Kibana 8.x up to 8.18.8, 8.19.0–8.19.5, and 9.x 9.0.0–9.0.7, ...

4.4CVSS5.7AI score0.00211EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-35730

Malicious code in bioql PyPI...

9CVSS7.5AI score0.00656EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-50864

Malicious code in bioql PyPI...

8CVSS6.9AI score0.00608EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.19 views

EUVD-2023-50862

Malicious code in bioql PyPI...

8CVSS6.1AI score0.00656EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/12/20 12:0 a.m.56 views

Elastic Kibana 7.13.0 < 7.17.16, 8.0 < 8.11.2 Information Disclosure (ESA-2023-27)

The version of the Elastic Kibana instance on the remote host is 7.13.0 prior to 7.17.16 or 8.0 prior to 8.11.1. It is, therefore, affected by an information disclosure vulnerability. In the event of an infrequent error returned from an Elasticsearch cluster, in cases where there is user...

8CVSS6.8AI score0.00608EPSS
Exploits0References2
OSV
OSV
added 2023/12/13 7:2 a.m.8 views

CVE-2023-46675 Kibana Insertion of Sensitive Information into Log File

An issue was discovered by Elastic whereby sensitive information may be recorded in Kibana logs in the event of an error or in the event where debug level logging is enabled in Kibana. Elastic has released Kibana 8.11.2 which resolves this issue. The messages recorded in the log may contain Accou...

8CVSS6.6AI score0.00608EPSS
Exploits0References3
OSV
OSV
added 2023/12/13 6:57 a.m.7 views

CVE-2023-46671 Kibana Insertion of Sensitive Information into Log File

An issue was discovered by Elastic whereby sensitive information may be recorded in Kibana logs in the event of an error. Elastic has released Kibana 8.11.1 which resolves this issue. The error message recorded in the log may contain account credentials for the kibanasystem user, API Keys, and...

8CVSS6.5AI score0.00656EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/12/13 12:0 a.m.68 views

Elastic Kibana Log Information Disclosure Vulnerability

Elastic Kibana is an application from the Dutch company Elastic. A free and open user interface that enables you to visualize Elasticsearch data and lets you navigate through the Elastic Stack. A log message disclosure vulnerability exists in Elastic Kibana versions 8.0.0 through 8.11.1, which...

8CVSS6.4AI score0.00656EPSS
Exploits0References2
Elastic
Elastic
added 2023/12/12 5:23 p.m.8 views

Kibana 8.11.2, 7.17.16 Security Update (ESA-2023-27)

Kibana Insertion of Sensitive Information into Log File ESA-2023-27 An issue was discovered by Elastic whereby sensitive information may be recorded in Kibana logs in the event of an error or in the event where debug level logging is enabled in Kibana. Elastic has released Kibana 8.11.2 which...

8CVSS6.4AI score0.00608EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/11/29 12:0 a.m.20 views

Elastic Kibana 8.x < 8.11.1 Information Disclosure (ESA-2023-25)

The version of the Elastic Kibana instance on the remote host is 8.x prior to 8.11.1. It is, therefore, affected by an information disclosure vulnerability. In the event of an infrequent error returned from an Elasticsearch cluster, in cases where there is user interaction and an unhealthy cluste...

8CVSS6.3AI score0.00656EPSS
Exploits0References2
Elastic
Elastic
added 2023/11/14 6:38 p.m.10 views

Kibana 8.11.1 Security Update (ESA-2023-25)

Kibana Insertion of Sensitive Information into Log File ESA-2023-25 An issue was discovered by Elastic whereby sensitive information may be recorded in Kibana logs in the event of an error. Elastic has released Kibana 8.11.1 which resolves this issue. The error message recorded in the log may...

8CVSS6.6AI score0.00656EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2023/10/30 5:57 a.m.76 views

CVE-2023-31422

A flaw was found by Elastic, where sensitive information is recorded in Kibana logs. This issue occurs in the event of an error when logging in to the JSON layout or when the pattern layout is configured to log the %meta pattern...

7.5CVSS7.3AI score0.00656EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/10/27 12:56 a.m.4 views

SUSE CVE-2023-31422

An issue was discovered by Elastic whereby sensitive information is recorded in Kibana logs in the event of an error. The issue impacts only Kibana version 8.10.0 when logging in the JSON layout or when the pattern layout is configured to log the %meta pattern. Elastic has released Kibana 8.10.1...

9CVSS7AI score0.00656EPSS
Exploits0References3
Rows per page
Query Builder