Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 897948 (CVE-2022-38779) - <www-apps/kibana-bin-7.17.9: arbitrary redirect
Summary: <www-apps/kibana-bin-7.17.9: arbitrary redirect
Alias: CVE-2022-38779
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal trivial (vote)
Assignee: Gentoo Security
Whiteboard: ~4 [noglsa]
Keywords: PullRequest
Depends on:
Reported: 2023-02-26 17:56 UTC by John Helmert III
Modified: 2023-04-19 03:45 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2023-02-26 17:56:55 UTC

An open redirect issue was discovered in Kibana that could lead to a user being redirected to an arbitrary website if they use a maliciously crafted Kibana URL.

Please bump to 7.17.9.
Comment 1 Larry the Git Cow gentoo-dev 2023-03-11 16:26:38 UTC
The bug has been referenced in the following commit(s):

commit 0acc1ed17c0be136efc46815b0311c78e2a0d3f5
Author:     Tomáš Mózes <>
AuthorDate: 2023-03-09 13:21:01 +0000
Commit:     Sam James <>
CommitDate: 2023-03-11 16:23:52 +0000

    www-apps/kibana-bin: add 7.17.9, drop old
    Signed-off-by: Tomáš Mózes <>
    Signed-off-by: Sam James <>

 www-apps/kibana-bin/Manifest                       |  3 +-
 www-apps/kibana-bin/kibana-bin-7.17.7.ebuild       | 94 ----------------------
 ...-bin-7.17.8.ebuild => kibana-bin-7.17.9.ebuild} |  0
 3 files changed, 1 insertion(+), 96 deletions(-)
Comment 2 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2023-04-19 03:45:25 UTC
Thanks! All done