Elastic Kibana 6.0.0 Release Candidate 1
Approved changes feed: RSS · Atom
cpe:2.3:a:elastic:kibana:6.0.0:rc1:*:*:*:*:*:*
part: a version: 6.0.0 update: rc1
| Vendor | Elastic (1d0b8d2a-fd47-5b20-b005-34326f9bd037) |
|---|---|
| Product | Kibana (c13ee88f-9cd3-57c3-8d6e-bbf4a9872328) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:docker/elastic/kibana |
purl2cpe | 2026-06-01 10:15:15.204509 |
pkg:github/elastic/kibana |
purl2cpe | 2026-06-01 10:15:15.204511 |
pkg:rpm/opensuse/kibana |
purl2cpe | 2026-06-01 10:15:15.204512 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2017-11482 |
vulnerable | 2026-06-03 14:36:28.711406 |
Details available
The Kibana fix for CVE-2017-8451 was found to be incomplete. With X-Pack installed, Kibana versions before 6.0.1 and 5.6.5 have an open redirect vulnerability on the login page that would enable an attacker to craft a link that redirects to an arbitrary website.
Published: 2017-12-08T18:00:00.000Z
Updated: 2024-08-05T18:12:39.856Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-11481 |
vulnerable | 2026-06-03 14:36:28.710253 |
Details available
Kibana versions prior to 6.0.1 and 5.6.5 had a cross-site scripting (XSS) vulnerability via URL fields that could allow an attacker to obtain sensitive information from or perform destructive actions on behalf of other Kibana users.
Published: 2017-12-08T18:00:00.000Z
Updated: 2024-08-05T18:12:39.948Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.