turboquant-monitoring-poc

TurboQuant x WhatAp Monitoring POC TurboQuanthttps://arxiv...

CVE-2019-7617

When the Elastic APM agent for Python versions before 5.1.0 is run as a CGI script, there is a variable name clash flaw if a remote attacker can control the proxy header. This could result in an attacker redirecting collected APM data to a proxy of their choosing...

EUVD-2018-17297

Malware in sbrugna...

GHSA-22JH-6GX8-F944 Elastic APM agent for Python client CGI proxy redirection flaw

When the Elastic APM agent for Python versions before 5.1.0 is run as a CGI script, there is a variable name clash flaw if a remote attacker can control the proxy header. This could result in an attacker redirecting collected APM data to a proxy of their choosing...

Arbitrary Proxy Redirection

elasticapm is vulnerable to arbitrary proxy redirection. A variable name precedence bug due to the way HTTPPROXY and HTTPSPROXY are parsed, causes the proxy header to be incorrectly processed. This allows allow a remote attacker to redirect collected APM data to an arbitrary proxy...

Design/Logic Flaw

Under certain conditions, TMM may restart and produce a core file while processing APM data on BIG-IP 13.0.1 or 13.1.0.4-13.1.0.7...

CVE-2018-5528

CVE-2018-5528 affects F5 BIG-IP TMM when processing BIG-IP APM data, potentially causing TMM restart and core file creation leading to a DoS. Vulnerable: BIG-IP APM/TMM on BIG-IP versions 13.0.1 and 13.1.0.4–13.1.0.7. Impact: temporary traffic processing disruption and device group failover durin...