Kibana 8.19.11, 9.2.5 Security Update (ESA-2026-15)

Uncontrolled Resource Consumption in Kibana Leading to Denial of Service Uncontrolled Resource Consumption CWE-400 in the Timelion component in Kibana can lead Denial of Service via Input Data Manipulation CAPEC-153 Affected Versions: 8.x: All versions from 8.0.0 up to and including 8.19.10 9.x:...

Elastic Stack 6.8.11 and 7.8.1 security update

Kibana regular expression denial of service flaw ESA-2020-09 Kibana versions before 6.8.11 and 7.8.1 contain a denial of service DoS flaw in Timelion. An attacker can construct a URL that when viewed by a Kibana user can lead to the Kibana process consuming large amounts of CPU and becoming...

Elastic Stack 6.6.1 and 5.6.15 security update

Kibana XSS issue ESA-2019-01 Kibana versions before 5.6.15 and 6.6.1 had a cross-site scripting XSS vulnerability that could allow an attacker to obtain sensitive information from or perform destructive actions on behalf of other Kibana users. Affected Versions Kibana versions before 5.6.15 and...