This documentation contains work-in-progress information for future Elastic Stack and Cloud releases. Use the version selector to view supported release docs. It also contains some Elastic Cloud serverless information. Check out our serverless docs for more details.
Kibana 8.10.3
editKibana 8.10.3
editSecurity updates
edit-
Kibana heap buffer overflow vulnerability
On Sept 11, 2023, Google Chrome announced CVE-2023-4863, described as “Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page”. Kibana includes a bundled version of headless Chromium that is only used for Kibana’s reporting capabilities and which is affected by this vulnerability. An exploit for Kibana has not been identified, however as a resolution, the bundled version of Chromium is updated in this release.
The issue is resolved in 8.10.3.
For more information, see our related security announcement.
Enhancements
edit- Elastic Security
- For the Elastic Security 8.10.3 release information, refer to Elastic Security Solution Release Notes.
Bug Fixes
edit- Dashboard
-
- Fixes an error the panel descriptions weren’t retrieved from the right method (#166825).
- Discover
-
-
Soften saved search content management response
sortschema (#166886).
-
Soften saved search content management response
- Elastic Security
- For the Elastic Security 8.10.3 release information, refer to Elastic Security Solution Release Notes.
- Enterprise Search
- For the Elastic Enterprise Search 8.10.3 release information, refer to Elastic Enterprise Search Documentation Release notes.
- Fleet
- Machine Learning
-
- AIOps: Fixes render loop when using a saved search (#166934).
- Monitoring
-
- Convert node roles into array (#167628).
- Observability
-
- Fixes a set up process error in Universal Profiling (#167068).
- Uptime
-
- Fixes an error when updating browser monitor in a project (#168064).