0.001 Low
EPSS
Percentile
39.4%
kibana is vulnerable to prototype pollution. The vulnerability exists through the improper use of set function of lodash in multiple locations, allowing Object.prototype to be overwritten.
set
lodash
github.com/elastic/kibana/commit/c8bbbdbcca29ecc3bbc98e483b690ecd153dc8ab
github.com/elastic/kibana/commit/f287f702223d72e963bf7ea663b89868fec88e11
www.elastic.co/community/security/
www.elastic.co/community/security/#ESA-2020-06