Vulnerabilities (CVE)

Filtered by vendor Elastic Subscribe
Filtered by product Apm-agent-ruby
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-7615 1 Elastic 1 Apm-agent-ruby 2024-11-21 5.8 MEDIUM 7.4 HIGH
A TLS certificate validation flaw was found in Elastic APM agent for Ruby versions before 2.9.0. When specifying a trusted server CA certificate via the 'server_ca_cert' setting, the Ruby agent would not properly verify the certificate returned by the APM server. This could result in a man in the middle style attack against the Ruby agent.