2 matches found
Kibana 7.17.23 and 8.15.1 Security Update (ESA-2024-36)
Kibana Uncontrolled Resource Consumption vulnerability ESA-2024-36 An issue has been identified where a specially crafted request sent to an Observability API could cause the kibana server to crash. A successful attack requires a malicious user to have read permissions for Observability assigned ...
Kibana 8.15.1 Security Update (ESA-2024-27, ESA-2024-28)
Kibana arbitrary code execution via YAML deserialization in Amazon Bedrock Connector ESA-2024-27 A deserialization issue in Kibana can lead to arbitrary code execution when Kibana attempts to parse a YAML document containing a crafted payload. This issue only affects users that use Elastic...