Fluent Fluentd vulnerabilities
2 known vulnerabilities affecting fluent/fluentd.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1
Vulnerabilities
Page 1 of 1
CVE-2022-39379CRITICALCVSS 9.8v>= 1.13.2, < 1.15.32022-11-02
CVE-2022-39379 [CRITICAL] CWE-502 CVE-2022-39379: Fluentd collects events from various data sources and writes them to files, RDBMS, NoSQL, IaaS, SaaS
Fluentd collects events from various data sources and writes them to files, RDBMS, NoSQL, IaaS, SaaS, Hadoop and so on. A remote code execution (RCE) vulnerability in non-default configurations of Fluentd allows unauthenticated attackers to execute arbitrary code via specially crafted JSON payloads. Fluentd setups are only affected if the environm
nvd
CVE-2021-41186HIGHCVSS 7.5v>= 0.14.14, < 1.14.22021-10-29
CVE-2021-41186 [HIGH] CWE-400 CVE-2021-41186: Fluentd collects events from various data sources and writes them to files to help unify logging inf
Fluentd collects events from various data sources and writes them to files to help unify logging infrastructure. The parser_apache2 plugin in Fluentd v0.14.14 to v1.14.1 suffers from a regular expression denial of service (ReDoS) vulnerability. A broken apache log with a certain pattern of string can spend too much time in a regular expression, result
nvd