Security Advisory

Elastic Product Security Update Advisory (CVE-2025-25014)

  • May 08 2025
Elastic Product Security Update Advisory (CVE-2025-25014)

Overview

 

We have released security updates to fix vulnerabilities in Elastic products. We encourage affected product users to update to the latest version.
 

 

Affected Products

 

CVE-2025-25014

Kibana versions: 8.3.0 and earlier and 8.17.5 and earlier
Kibana versions: 8.18.0 and earlier
Kibana versions: 9.0.0 and earlier

 

 

Resolved Vulnerabilities

 

Arbitrary code execution vulnerability due to prototype contamination (CVE-2025-25014)

 

 

Vulnerability Patches

Vulnerability Patches have been made available in the latest update. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

 

 

CVE-2025-25014

Kibana version: 8.17.6
Kibana version: 8.18.1
Kibana version: 9.0.1

 

 

References

[1] Kibana 8.17.6, 8.18.1, or 9.0.1 Security Update (ESA-2025-07)
https://discuss.elastic.co/t/kibana-8-17-6-8-18-1-or-9-0-1-security-update-esa-2025-07/377868

Tags:
Previous Post

Next Post