RubyGems package

fluentd

pkg:gem/fluentd

Vulnerabilities (3)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2022-39379		—	>= 1.13.2, < 1.15.3	1.15.3	Nov 2, 2022	Fluentd collects events from various data sources and writes them to files, RDBMS, NoSQL, IaaS, SaaS, Hadoop and so on. A remote code execution (RCE) vulnerability in non-default configurations of Fluentd allows unauthenticated attackers to execute arbitrary code via specially cr
CVE-2021-41186		—	>= 0.14.14, < 1.14.2	1.14.2	Oct 29, 2021	Fluentd collects events from various data sources and writes them to files to help unify logging infrastructure. The parser_apache2 plugin in Fluentd v0.14.14 to v1.14.1 suffers from a regular expression denial of service (ReDoS) vulnerability. A broken apache log with a certain
CVE-2017-10906	Cri	9.8	>= 0.12.29, < 0.12.41	0.12.41	Dec 8, 2017	Escape sequence injection vulnerability in Fluentd versions 0.12.29 through 0.12.40 may allow an attacker to change the terminal UI or execute arbitrary commands on the device via unspecified vectors.

CVE-2022-39379Nov 2, 2022
affected >= 1.13.2, < 1.15.3fixed 1.15.3
Fluentd collects events from various data sources and writes them to files, RDBMS, NoSQL, IaaS, SaaS, Hadoop and so on. A remote code execution (RCE) vulnerability in non-default configurations of Fluentd allows unauthenticated attackers to execute arbitrary code via specially cr
CVE-2021-41186Oct 29, 2021
affected >= 0.14.14, < 1.14.2fixed 1.14.2
Fluentd collects events from various data sources and writes them to files to help unify logging infrastructure. The parser_apache2 plugin in Fluentd v0.14.14 to v1.14.1 suffers from a regular expression denial of service (ReDoS) vulnerability. A broken apache log with a certain
CVE-2017-10906CriDec 8, 2017
affected >= 0.12.29, < 0.12.41fixed 0.12.41
Escape sequence injection vulnerability in Fluentd versions 0.12.29 through 0.12.40 may allow an attacker to change the terminal UI or execute arbitrary commands on the device via unspecified vectors.