co.elastic.apm:apm-agent-api@1.18.0.RC1 vulnerabilities
-
latest version
1.49.0
-
latest non vulnerable version
-
first published
6 years ago
-
latest version published
a month ago
-
licenses detected
- [0,)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the co.elastic.apm:apm-agent-api package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
Affected versions of this package are vulnerable to Privilege Escalation. A local privilege escalation issue was found with the APM Java agent, where a user on the system could attach a malicious file to an application running with the APM Java agent. Using this vector, a malicious or compromised user account could use the agent to run commands at a higher level of permissions than they possess. This vulnerability affects users that have set up the agent via the How to fix Privilege Escalation? Upgrade |
[,1.27.0)
|