VYPR
Unrated severityNVD Advisory· Published Nov 22, 2023· Updated Aug 3, 2024

Kibana Reporting vulnerabilities

CVE-2021-22142

Description

Kibana contains an embedded version of the Chromium browser that the Reporting feature uses to generate the downloadable reports. If a user with permissions to generate reports is able to render arbitrary HTML with this browser, they may be able to leverage known Chromium vulnerabilities to conduct further attacks. Kibana contains a number of protections to prevent this browser from rendering arbitrary content.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Elastic/Kibanallm-fuzzy2 versions
    7.13.0 and 6.8.16+ 1 more
    • (no CPE)range: 7.13.0 and 6.8.16
    • (no CPE)range: 7.0.0

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.