VDB
CVE-2021-22133
CVE-2021-22133
PUBLISHED
CVSS 2.4000000953674316 LOW
Insertion of Sensitive Information into Log File
EPSS 0.07% · 22.3th percentile
Risk Scores
CVSS v3.1
2.4000000953674316
CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
EPSS Score
0.07%
22.3th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| go.elastic.co | apm | 0, 0, 0 |
| Elastic | Elastic APM Agent for Go | before 1.11.0, before 1.11.0, before 1.11.0 |
| github.com | elastic/apm-agent-go | 0, 0, 0 |
Timeline
- Feb 10, 2021 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 22, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 25, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Feb 27, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- May 1, 2022 EPSS Score
- Jul 2, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Nov 5, 2022 EPSS Score
References
- https://discuss.elastic.co/t/elastic-apm-agent-for-go-1-11-0-security-update/263252 url
- https://nvd.nist.gov/vuln/detail/CVE-2021-22133 advisory
- https://github.com/elastic/apm-agent-go/commit/c5c7e21aa26a6def7790f74fbceed792ad47ef35 patch
- https://github.com/elastic/apm-agent-go/compare/v1.10.0...v1.11.0 url
- https://github.com/advisories/GHSA-qqc5-rgcc-cjqh advisory