CVE-2022-38778: Improper Input Validation

February 8, 2023 (updated February 16, 2023)

A flaw (CVE-2022-38900) was discovered in one of Kibana’s third party dependencies, that could allow an authenticated user to perform a request that crashes the Kibana server process.

References

discuss.elastic.co/t/elastic-7-17-9-8-5-0-and-8-6-1-security-update/324661
nvd.nist.gov/vuln/detail/CVE-2022-38778
www.elastic.co/community/security

Detect and mitigate CVE-2022-38778 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →