VYPR

Fluentd

by Fluentd

gem: fluentd

Source repositories

CVEs (2)

  • CVE-2017-10906CriDec 8, 2017
    risk 0.64cvss 9.8epss 0.05

    Escape sequence injection vulnerability in Fluentd versions 0.12.29 through 0.12.40 may allow an attacker to change the terminal UI or execute arbitrary commands on the device via unspecified vectors.

  • CVE-2020-28169Dec 24, 2020
    risk 0.03cvss epss 0.01

    The td-agent-builder plugin before 2020-12-18 for Fluentd allows attackers to gain privileges because the bin directory is writable by a user account, but a file in bin is executed as NT AUTHORITY\SYSTEM.