50 matches found
Elastic APM Server 8.x < 8.16.1 Information Disclosure (ESA-2024-41)
The version of Elastic APM Server installed on the remote host is 8.x prior to 8.16.1. It is, therefore, affected by an information disclosure vulnerability: - APM server logs could contain parts of the document body from a partially failed bulk index request. Depending on the nature of the...
EUVD-2021-1171
Malware in sbrugna...
EUVD-2019-0048
Malware in sbrugna...
EUVD-2022-2113
Malicious code in bioql PyPI...
EUVD-2023-2978
Malicious code in bioql PyPI...
CVE-2019-7615
A TLS certificate validation flaw was found in Elastic APM agent for Ruby versions before 2.9.0. When specifying a trusted server CA certificate via the 'servercacert' setting, the Ruby agent would not properly verify the certificate returned by the APM server. This could result in a man in the...
Elastic APM Server 安全漏洞
Elastic APM Server is a lightweight Agent from the Dutch company Elastic. A security vulnerability exists in Elastic APM Server versions prior to 8.14.0, which stems from the server recording error logs that inadvertently record sensitive information, leading to a data leak...
Malicious code in Be.Vlaanderen.Basisregіsters.OpenTеlemetrу.Elаstic.Apm (NuGet)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-4074 Malicious code in Be.Vlaanderen.Basisregіsters.OpenTеlemetrу.Elаstic.Apm (NuGet)
--- -= Per source details. Do not edit below this line.=-...
GHSA-HX93-GC73-5RPR Exposure of Sensitive Information in Elastic APM .NET Agent
The Elastic APM .NET Agent can leak sensitive HTTP header information when logging the details during an application error. Normally, the APM agent will sanitize sensitive HTTP header details before sending the information to the APM server. During an application error it is possible the headers...
Exposure of Sensitive Information in Elastic APM .NET Agent
The Elastic APM .NET Agent can leak sensitive HTTP header information when logging the details during an application error. Normally, the APM agent will sanitize sensitive HTTP header details before sending the information to the APM server. During an application error it is possible the headers...
Information Exposure
Overview Affected versions of this package are vulnerable to Information Exposure when logging details during an application error. An attacker can leak sensitive HTTP header information by triggering an application error. This is only exploitable if the headers are not sanitized before being sen...
CVE-2021-22143
The Elastic APM .NET Agent can leak sensitive HTTP header information when logging the details during an application error. Normally, the APM agent will sanitize sensitive HTTP header details before sending the information to the APM server. During an application error it is possible the headers...
CVE-2021-22143 Elastic APM .NET Agent information disclosure
The Elastic APM .NET Agent can leak sensitive HTTP header information when logging the details during an application error. Normally, the APM agent will sanitize sensitive HTTP header details before sending the information to the APM server. During an application error it is possible the headers...
CVE-2021-22143
CVE-2021-22143 affects the Elastic APM .NET Agent, where sensitive HTTP header information can be leaked when logging errors because headers may not be sanitized before being sent to the APM server. This vulnerability concerns the Elastic APM .NET Agent components involved in error logging and he...
CVE-2021-22143 Elastic APM .NET Agent information disclosure
The Elastic APM .NET Agent can leak sensitive HTTP header information when logging the details during an application error. Normally, the APM agent will sanitize sensitive HTTP header details before sending the information to the APM server. During an application error it is possible the headers...
PT-2023-12039 · Elastic · Apm .Net Agent
Name of the Vulnerable Software and Affected Versions: Elastic APM .NET Agent affected versions not specified Description: The issue concerns the Elastic APM .NET Agent leaking sensitive HTTP header information when logging application error details. Normally, the agent sanitizes sensitive HTTP...
MAL-2022-2683 Malicious code in elastic-apm-rum (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f3134e83247b4ff3e676cf0dd4b3378ca1bf9f4ff0adfee2583b6745d70adaca Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in elastic-apm-rum (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f3134e83247b4ff3e676cf0dd4b3378ca1bf9f4ff0adfee2583b6745d70adaca Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Elastic APM agent for Python client CGI proxy redirection flaw
When the Elastic APM agent for Python versions before 5.1.0 is run as a CGI script, there is a variable name clash flaw if a remote attacker can control the proxy header. This could result in an attacker redirecting collected APM data to a proxy of their choosing...