Bitnami package
fluentd
pkg:bitnami/fluentd
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-21514 | — | >= 1.8.0, < 1.8.1 | 1.8.1 | Apr 4, 2023 | An issue was discovered in Fluent-ui v.1.2.2 allows attackers to gain escalated privileges and execute arbitrary code due to a default password. | ||
| CVE-2022-39379 | — | >= 1.13.2, < 1.15.3 | 1.15.3 | Nov 2, 2022 | Fluentd collects events from various data sources and writes them to files, RDBMS, NoSQL, IaaS, SaaS, Hadoop and so on. A remote code execution (RCE) vulnerability in non-default configurations of Fluentd allows unauthenticated attackers to execute arbitrary code via specially cr | ||
| CVE-2021-41186 | — | >= 0.14.14, < 1.14.2 | 1.14.2 | Oct 29, 2021 | Fluentd collects events from various data sources and writes them to files to help unify logging infrastructure. The parser_apache2 plugin in Fluentd v0.14.14 to v1.14.1 suffers from a regular expression denial of service (ReDoS) vulnerability. A broken apache log with a certain |
- CVE-2020-21514Apr 4, 2023affected >= 1.8.0, < 1.8.1fixed 1.8.1
An issue was discovered in Fluent-ui v.1.2.2 allows attackers to gain escalated privileges and execute arbitrary code due to a default password.
- CVE-2022-39379Nov 2, 2022affected >= 1.13.2, < 1.15.3fixed 1.15.3
Fluentd collects events from various data sources and writes them to files, RDBMS, NoSQL, IaaS, SaaS, Hadoop and so on. A remote code execution (RCE) vulnerability in non-default configurations of Fluentd allows unauthenticated attackers to execute arbitrary code via specially cr
- CVE-2021-41186Oct 29, 2021affected >= 0.14.14, < 1.14.2fixed 1.14.2
Fluentd collects events from various data sources and writes them to files to help unify logging infrastructure. The parser_apache2 plugin in Fluentd v0.14.14 to v1.14.1 suffers from a regular expression denial of service (ReDoS) vulnerability. A broken apache log with a certain