Vulnerabilities > Elastic > Kibana > 7.4.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-06-03 | CVE-2020-7013 | Code Injection vulnerability in multiple products Kibana versions before 6.8.9 and 7.7.0 contain a prototype pollution flaw in TSVB. | 6.5 |
2020-06-03 | CVE-2020-7012 | Code Injection vulnerability in Elastic Kibana Kibana versions 6.7.0 to 6.8.8 and 7.0.0 to 7.6.2 contain a prototype pollution flaw in the Upgrade Assistant. | 6.5 |
2019-12-18 | CVE-2019-7621 | Cross-site Scripting vulnerability in Elastic Kibana Kibana versions before 6.8.6 and 7.5.1 contain a cross site scripting (XSS) flaw in the coordinate and region map visualizations. | 3.5 |