10 matches found
EUVD-2021-33529
Malicious code in bioql PyPI...
BIT-FLUENT-BIT-2021-46878
An issue was discovered in Treasure Data Fluent Bit 1.7.1, erroneous parsing in flbpackmsgpacktojsonformat leads to type confusion bug that interprets whatever is on the stack as msgpack maps and arrays, leading to use-after-free. This can be used by an attacker to craft a specially craft file an...
CVE-2021-46879
An issue was discovered in Treasure Data Fluent Bit 1.7.1, a wrong variable is used to get the msgpack data resulting in a heap overflow in flbmsgpackgelfvalueext. An attacker can craft a malicious file and tick the victim to open the file with the software, triggering a heap overflow and execute...
CVE-2021-46878
An issue was discovered in Treasure Data Fluent Bit 1.7.1, erroneous parsing in flbpackmsgpacktojsonformat leads to type confusion bug that interprets whatever is on the stack as msgpack maps and arrays, leading to use-after-free. This can be used by an attacker to craft a specially craft file an...
CVE-2021-46878
An issue was discovered in Treasure Data Fluent Bit 1.7.1, erroneous parsing in flbpackmsgpacktojsonformat leads to type confusion bug that interprets whatever is on the stack as msgpack maps and arrays, leading to use-after-free. This can be used by an attacker to craft a specially craft file an...
CVE-2021-46879
An issue was discovered in Treasure Data Fluent Bit 1.7.1, a wrong variable is used to get the msgpack data resulting in a heap overflow in flbmsgpackgelfvalueext. An attacker can craft a malicious file and tick the victim to open the file with the software, triggering a heap overflow and execute...
CVE-2021-46878
An issue was discovered in Treasure Data Fluent Bit 1.7.1, erroneous parsing in flbpackmsgpacktojsonformat leads to type confusion bug that interprets whatever is on the stack as msgpack maps and arrays, leading to use-after-free. This can be used by an attacker to craft a specially craft file an...
PT-2023-12599 · Treasure Data · Treasure Data Fluent Bit
Name of the Vulnerable Software and Affected Versions: Treasure Data Fluent Bit version 1.7.1 Description: An issue was discovered in Treasure Data Fluent Bit, where a wrong variable is used to get the msgpack data, resulting in a heap overflow in flb msgpack gelf value ext. An attacker can craft...
CVE-2021-46879
An issue was discovered in Treasure Data Fluent Bit 1.7.1, a wrong variable is used to get the msgpack data resulting in a heap overflow in flbmsgpackgelfvalueext. An attacker can craft a malicious file and tick the victim to open the file with the software, triggering a heap overflow and execute...
CVE-2021-46879
The CVE-2021-46879 issue affects Treasure Data Fluent Bit 1.7.1. A wrong variable is used when reading msgpack data, causing a heap overflow in flb_msgpack_gelf_value_ext. This can be triggered by a crafted file opened with Fluent Bit, potentially allowing arbitrary code execution on the target s...