Количество 2
Количество 2
CVE-2024-37286
APM server logs contain document body from a partially failed bulk index request. For example, in case of unavailable_shards_exception for a specific document, since the ES response line contains the document body, and that APM server logs the ES response line on error, the document is effectively logged.
GHSA-f6cj-4h3g-hwq4
APM Server vulnerable to Insertion of Sensitive Information into Log File
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-37286 APM server logs contain document body from a partially failed bulk index request. For example, in case of unavailable_shards_exception for a specific document, since the ES response line contains the document body, and that APM server logs the ES response line on error, the document is effectively logged. | CVSS3: 5.7 | 0% Низкий | больше 1 года назад |
| GHSA-f6cj-4h3g-hwq4 APM Server vulnerable to Insertion of Sensitive Information into Log File | CVSS3: 5.7 | 0% Низкий | больше 1 года назад |
Уязвимостей на страницу