Fleet is an open source osquery manager. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.
Privilege Escalation
RCE
Denial Of Service
Information Disclosure
Fleet
NVD
GitHub
CVSS 3.1
2.7
EPSS
1.9%
The Elastic APM agent for Go versions before 1.11.0 can leak sensitive HTTP header information when logging the details during an application panic. Rated low severity (CVSS 2.4), this vulnerability is low attack complexity. No vendor patch available.
Elastic
Information Disclosure
Apm Agent
NVD
CVSS 3.1
2.4
EPSS
0.5%