Описание
A flaw (CVE-2022-38900) was discovered in one of Kibana’s third party dependencies, that could allow an authenticated user to perform a request that crashes the Kibana server process.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 0.2.1 (исключая)Версия от 7.0.0 (включая) до 7.17.9 (исключая)Версия от 8.0.0 (включая) до 8.6.1 (исключая)
Одно из
cpe:2.3:a:decode-uri-component_project:decode-uri-component:*:*:*:*:*:node.js:*:*
cpe:2.3:a:elastic:kibana:*:*:*:*:*:*:*:*
cpe:2.3:a:elastic:kibana:*:*:*:*:*:*:*:*
EPSS
Процентиль: 77%
0.01011
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-20
CWE-20
Связанные уязвимости
CVSS3: 6.5
redhat
почти 3 года назад
A flaw (CVE-2022-38900) was discovered in one of Kibana’s third party dependencies, that could allow an authenticated user to perform a request that crashes the Kibana server process.
CVSS3: 6.5
debian
почти 3 года назад
A flaw (CVE-2022-38900) was discovered in one of Kibana\u2019s third p ...
CVSS3: 6.5
github
больше 2 лет назад
A flaw (CVE-2022-38900) was discovered in one of Kibana’s third party dependencies, that could allow an authenticated user to perform a request that crashes the Kibana server process.
EPSS
Процентиль: 77%
0.01011
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-20
CWE-20