Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fluentd fluentd vulnerabilities and exploits
(subscribe to this query)
6.9
CVSSv2
CVE-2020-28169
The td-agent-builder plugin prior to 2020-12-18 for Fluentd allows malicious users to gain privileges because the bin directory is writable by a user account, but a file in bin is executed as NT AUTHORITY\SYSTEM.
Td-agent-builder Project Td-agent-builder
Debian Debian Linux 10.0
1 Github repository
6.5
CVSSv2
CVE-2019-12303
In Rancher 2 up to and including 2.2.3, Project owners can inject additional fluentd configuration to read files or execute arbitrary commands inside the fluentd container.
Suse Rancher
5
CVSSv2
CVE-2021-41186
Fluentd collects events from various data sources and writes them to files to help unify logging infrastructure. The parser_apache2 plugin in Fluentd v0.14.14 to v1.14.1 suffers from a regular expression denial of service (ReDoS) vulnerability. A broken apache log with a certain ...
Fluentd Fluentd
NA
CVE-2020-21514
An issue exists in Fluent Fluentd v.1.8.0 and Fluent-ui v.1.2.2 allows malicious users to gain escalated privileges and execute arbitrary code due to a default password.
Fluentd Fluentd-ui 1.2.2
Fluentd Fluentd 1.8.0
NA
CVE-2022-39379
Fluentd collects events from various data sources and writes them to files, RDBMS, NoSQL, IaaS, SaaS, Hadoop and so on. A remote code execution (RCE) vulnerability in non-default configurations of Fluentd allows unauthenticated malicious users to execute arbitrary code via specia...
Fluentd Fluentd
Fedoraproject Fedora 37
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
XXE
CVE-2024-34490
SQL injection
CVE-2024-34488
CVE-2024-4507
CVE-2023-7028
CVE-2024-23187
TCP
CVE-2024-4439
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started