CVE-2021-22133
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2021-22133
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
The Elastic APM agent for Go versions before 1.11.0 can leak sensitive HTTP header information when logging the details during an application panic. Normally, the APM agent will sanitize sensitive HTTP header details before sending the information to the APM server. During an application panic it is possible the headers will not be sanitized before being sent.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
通过日志文件的信息暴露
Source: NVD (National Vulnerability Database)
Vulnerability Title
GE APM 日志信息泄露漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
GE APM是美国通用电气(GE)公司的一款设备监控系统。该系统可以持续性对设备运行状态和故障进行监视。 Elastic APM agent for Go中存在日志信息泄露漏洞,该漏洞源于网络系统或产品的日志文件非正常输出。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Elastic | Elastic APM Agent for Go | before 1.11.0 | - |
II. Public POCs for CVE-2021-22133
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2021-22133
请登录查看更多情报信息。
IV. Related Vulnerabilities
Same vendor: Elastic
- CVE-2026-33467
Improper Verification of Cryptographic Signature in Elastic - CVE-2026-33466
Improper Limitation of a Pathname to a Restricted Directory - CVE-2026-33458
Server-Side Request Forgery (SSRF) in Kibana One Workflow Le - CVE-2026-33459
Uncontrolled Resource Consumption in Kibana Leading to Denia - CVE-2026-33460
Incorrect Authorization in Kibana Fleet Leading to Informati
Same weakness: CWE-532
- CVE-2026-44516
Valtimo: Sensitive data exposure through HTTP request/respon - CVE-2026-41219
BIG-IP QKView vulnerability - CVE-2026-8200
Schema validation log messages may not redact user data - CVE-2026-41018
Apache Airflow Providers Elasticsearch: Elasticsearch task-l - CVE-2026-43826
Apache Airflow Providers OpenSearch: OpenSearch task-log han
V. Comments for CVE-2021-22133
No comments yet