Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMitreCVELIST:CVE-2021-46878
HistoryApr 11, 2023 - 12:00 a.m.

CVE-2021-46878

2023-04-1100:00:00
mitre
www.cve.org
1
fluent bit 1.7.1
type confusion
arbitrary code execution
use-after-free
stack parsing
msgpack maps
msgpack arrays

EPSS

0.001

Percentile

42.8%

JSON

An issue was discovered in Treasure Data Fluent Bit 1.7.1, erroneous parsing in flb_pack_msgpack_to_json_format leads to type confusion bug that interprets whatever is on the stack as msgpack maps and arrays, leading to use-after-free. This can be used by an attacker to craft a specially craft file and trick the victim opening it using the affect software, triggering use-after-free and execute arbitrary code on the target system.

Related

osv 2
cbl_mariner 1
nvd 1
cve 1
prion 1
osv
osv
CVE-2021-46878
2023-04-11 18:15:58
BIT-fluent-bit-2021-46878
2024-03-06 10:52:01
cbl_mariner
cbl_mariner
CVE-2021-46878 affecting package fluent-bit 1.5.2-2
2023-05-25 17:55:45
nvd
nvd
CVE-2021-46878
2023-04-11 18:15:58
cve
cve
CVE-2021-46878
2023-04-11 18:15:58
prion
prion
Type confusion
2023-04-11 18:15:00

EPSS

0.001

Percentile

42.8%

JSON
Related for CVELIST:CVE-2021-46878
osv2cbl_mariner1nvd1cve1prion1