Return to CVE list

CVE-2024-12556

8.7

Critical

CVE-2024-12556

8 Apr 2025

bressers@elastic.co

Awaiting Analysis

View on MITRE Find on GitHub

Description

Prototype Pollution in Kibana can lead to code injection via unrestricted file upload combined with path traversal.

Exploits

No known exploits found for this CVE.

Search Exploit-DB

References

bressers@elastic.co

https://discuss.elastic.co/t/kibana-8-16-4-and-8-17-2-security-update-esa-2025-02/376918