Kibana version 8.12.0 Vulnerabilities

Hello Team,
Currently we are using elastic Kibana version 8.12.0, and our internal security tool identified there are three critical Vulnerabilities as provided below in the screenshot with Kibana version 8.12.0. Could you please let me know more details about how these reported CVE packages are used in Kibana and what would be the actual impact of these Vulnerabilities in Kibana while using it.

Also let us know if you have any other details for those vulnerabilities how it can be addressed.

https://nvd.nist.gov/vuln/detail/CVE-2023-42282
https://nvd.nist.gov/vuln/detail/CVE-2023-36665

1 Like

Hi @baskarsp

you can email with the description of the issue to security@elastic.co .
For more info about our security policy, please refer to: Security issues | Elastic

Thank you Marco. I sent a email to security@elastic.co and few days ago and i am still waiting for feedback.