CVE-2024-50609 affecting package fluent-bit for versions less than 3.1.9-3

CVE-2024-50609 affecting package fluent-bit for versions less than 3.1.9-3. A patched version of the package is available...

CVE-2024-50608

An issue was discovered in Fluent Bit 3.1.9. When the Prometheus Remote Write input plugin is running and listening on an IP address and port, one can send a packet with Content-Length: 0 and it crashes the server. Improper handling of the case when Content-Length is 0 allows a user with access t...

Azure Linux 3.0 Security Update: fluent-bit (CVE-2024-4323)

The version of fluent-bit installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-4323 advisory. - A memory corruption vulnerability in Fluent Bit versions 2.0.7 thru 3.0.3. This issue lies in the embedde...

CVE-2024-23722

In Fluent Bit 2.1.8 through 2.2.1, a NULL pointer dereference can be caused via an invalid HTTP payload with the content type of x-www-form-urlencoded. It crashes and does not restart. This could result in logs not being delivered properly...