CVE-2024-37288 | Elastic Kibana 8.15.0 YAML Parser deserialization

Posted by Angelo Barbosa | Sep 9, 2024 | CVE

A vulnerability was found in Elastic Kibana 8.15.0. It has been rated as very critical. Affected by this issue is some unknown functionality of the component YAML Parser. The manipulation leads to deserialization.

This vulnerability is handled as CVE-2024-37288. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-37288 | Elastic Kibana 8.15.0 YAML Parser deserialization

Related Posts

CVE-2024-34794 | Tainacan.org Tainacan Plugin up to 0.21.3 on WordPress cross site scripting

CVE-2024-2127 | Page Builder Plugin up to 1.8.3 on WordPress Custom Attributes cross site scripting

CVE-2023-6784 | Progress Sitefinity prior 15.0.8223 input validation

CVE-2023-37932 | Fortinet FortiVoice up to 6.0.12/6.4.7/7.0.0 HTTP Request path traversal (FG-IR-23-219)