CVE-2022-38900
published 2023-02-08CVE-2022-38900: A flaw (CVE-2022-38900) was discovered in one of Kibana’s third party dependencies, that could allow an authenticated user to perform a request that crashes…
medium6.5CVSS 3.1
AVNACLPRLUINSUCNINAH
A flaw (CVE-2022-38900) was discovered in one of Kibana’s third party dependencies, that could allow an authenticated user to perform a request that crashes the Kibana server process.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| atlassian | confluence_data_center | — | — |
| decode-uri-component_project | decode-uri-component | < 0.2.1 | 0.2.1 |
| decode-uri-component_project | decode-uri-component | — | — |
| decode-uri-component_project | decode-uri-component | >= 0 < 0.2.1 | 0.2.1 |
| elastic | kibana | — | — |
| elastic | kibana | >= 7.0.0 < 7.17.9 | 7.17.9 |
| elastic | kibana | >= 8.0.0 < 8.6.1 | 8.6.1 |