Unrated severityNVD Advisory· Published Mar 26, 2024· Updated Aug 6, 2024

CVE-2024-23722

Description

In Fluent Bit 2.1.8 through 2.2.1, a NULL pointer dereference can be caused via an invalid HTTP payload with the content type of x-www-form-urlencoded. It crashes and does not restart. This could result in logs not being delivered properly.

Affected products

Fluent Bit/Fluent Bitdescription
osv-coords
pkg:bitnami/fluent-bit
Range: >= 2.1.8, < 2.2.2

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/fluent/fluent-bit/compare/v2.2.1...v2.2.2mitre
medium.com/%40adurands82/fluent-bit-dos-vulnerability-cve-2024-23722-4e3e74af9d00mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000