CVE-2022-38779

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2022-38779

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-38779.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2022-38779

Published

2023-02-22T00:15:11.213Z

Modified

2025-12-05T10:10:33.552105Z

Severity

6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

An open redirect issue was discovered in Kibana that could lead to a user being redirected to an arbitrary website if they use a maliciously crafted Kibana URL.

References

Affected packages

Git / github.com/elastic/elasticsearch

Affected ranges

Type: GIT
Repo: https://github.com/elastic/elasticsearch
Events: Introduced

b7e28a7232616c7a21bc879a535d801b8553ba77

Fixed

ef48222227ee6b9e70e502f0f0daa52435ee634d

Database specific

vanir_signatures

[
    {
        "target": {
            "function": "start",
            "file": "test/test-clusters/src/main/java/org/elasticsearch/test/cluster/local/LocalClusterFactory.java"
        },
        "id": "CVE-2022-38779-7126c131",
        "deprecated": false,
        "signature_type": "Function",
        "source": "https://github.com/elastic/elasticsearch/commit/ef48222227ee6b9e70e502f0f0daa52435ee634d",
        "digest": {
            "length": 796.0,
            "function_hash": "253424462771408036179652827713905704388"
        },
        "signature_version": "v1"
    },
    {
        "target": {
            "file": "test/test-clusters/src/main/java/org/elasticsearch/test/cluster/local/LocalClusterFactory.java"
        },
        "id": "CVE-2022-38779-adc0c667",
        "deprecated": false,
        "signature_type": "Line",
        "source": "https://github.com/elastic/elasticsearch/commit/ef48222227ee6b9e70e502f0f0daa52435ee634d",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "328783117535713225377078719017895934894",
                "218962949926834068220532377964025986269",
                "238873534878858557428085250597699491727",
                "63077107520883219164804643621703692733",
                "66788853691360615475714774552204583495",
                "235984818079188790404255208318579500458",
                "122272605970820100222461377080912574433",
                "218240151183537112180691515958244680759",
                "74982244718916453758071782997683156102",
                "338998086836341997413146815199410074826",
                "183545008697450786058075772372139794156",
                "14150877025559646740082274151309028560",
                "165346515570815984485986167003908280712",
                "133921416539802914293419784636618607124",
                "335194391246084399905387481005122256392",
                "287472674007991101034770761473652905017",
                "32088835855662654741678314163880302816",
                "1737611290573491832151774625136018650",
                "41302012581605084517150417062557235387",
                "111850715464812135337423374498156388695",
                "190938082947915130398453485194117962279",
                "200222680760379930174317775945798073524"
            ]
        },
        "signature_version": "v1"
    }
]

Git / github.com/elastic/kibana

Affected ranges

Type: GIT
Repo: https://github.com/elastic/kibana
Events: Introduced

ee89fda8a17eff9c93f7400c102edf76cb4d7d8a

Fixed

00b0b0440dbf6f8c542448473e020c99d352a0f5