4 matches found
Improper Validation of Array Index
Overview Affected versions of this package are vulnerable to Improper Validation of Array Index via the MongoDB protocol parser. An attacker can cause buffer overflows by sending specially crafted network traffic to a monitored network interface where MongoDB protocol parsing is enabled...
Allocation of Resources Without Limits or Throttling
Overview kibana is an open source Apache Licensed, browser-based analytics and search dashboard for Elasticsearch. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the Fleet module. An attacker can cause excessive consumption of system...
Improper Validation of Syntactic Correctness of Input
Overview kibana is an open source Apache Licensed, browser-based analytics and search dashboard for Elasticsearch. Affected versions of this package are vulnerable to Improper Validation of Syntactic Correctness of Input in the email address parameter in the Email Connector. An attacker can cause...
Kibana 8.19.10, 9.1.10, 9.2.4 Security Update (ESA-2026-05)
External Control of File Name or Path and Server-Side Request Forgery SSRF in Kibana Google Gemini Connector ESA-2026-05 External Control of File Name or Path CWE-73 combined with Server-Side Request Forgery CWE-918 can allow an attacker to cause arbitrary file disclosure through a specially...