Description

Kibana versions prior to 5.2.1 configured for SSL client access, file descriptors will fail to be cleaned up after certain requests and will accumulate over time until the process crashes.

Remediation

References

https://www.elastic.co/community/security

Related Vulnerabilities

CVE-2019-10404 Vulnerability in maven package org.jenkins-ci.main:jenkins-core

CVE-2021-41973 Vulnerability in maven package org.apache.mina:mina-http

CVE-2022-34818 Vulnerability in maven package de.einsundeins.jenkins.plugins.failedjobdeactivator:failedjobdeactivator

CVE-2013-2055 Vulnerability in maven package org.apache.wicket:wicket-core

CVE-2019-10433 Vulnerability in maven package com.ztbsuper:dingding-notifications

Severity

High

Classification

CWE-769 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Vendor Advisory