Vulnerabilities > Elastic > APM Agent > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-12-08 | CVE-2021-37941 | Improper Privilege Management vulnerability in Elastic APM Agent A local privilege escalation issue was found with the APM Java agent, where a user on the system could attach a malicious file to an application running with the APM Java agent. | 7.8 |
2019-08-22 | CVE-2019-7617 | Improper Input Validation vulnerability in Elastic APM Agent When the Elastic APM agent for Python versions before 5.1.0 is run as a CGI script, there is a variable name clash flaw if a remote attacker can control the proxy header. | 7.2 |