361 matches found
CVE-2025-63652 affecting package fluent-bit for versions less than 3.1.10-6
CVE-2025-63652 affecting package fluent-bit for versions less than 3.1.10-6. A patched version of the package is available...
CVE-2025-63657 affecting package fluent-bit for versions less than 3.1.10-5
CVE-2025-63657 affecting package fluent-bit for versions less than 3.1.10-5. A patched version of the package is available...
CVE-2026-32282 vulnerabilities
Vulnerabilities for packages: knative-operator, runc, gatekeeper, kaf, snyk-cli, hubble, ingress-nginx-controller, cilium-envoy, libnvidia-container, kube-fluentd-operator, gitlab-kas, aactl, kubernetes-dashboard, net-kourier, external-secrets-operator, cloud-provider-aws, cilium-cli, argo-cd,...
CLEANSTART-2026-CG86499 Security fixes for CVE-2026-24051, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186 applied in versions: 3.6.5-r0
Multiple security vulnerabilities affect the fluent-bit-plugin-loki package. These issues are resolved in later releases. See references for individual vulnerability details...
CVE-2021-27186
Fluent Bit 1.6.10 has a NULL pointer dereference when an flbmalloc return value is not validated by flbavro.c or httpserver/api/v1/metrics.c...
ROS-20260319-73-0012
A vulnerability in the tagkey validation mechanism of the Fluent Bit log collection and processing tool is related to insufficient input data validation. Exploitation of the vulnerability could allow an attacker acting remotely to affect the integrity and availability of protected information...
ROS-20260319-73-0008
A vulnerability in the indocker plugin of the extractname function of the Fluent Bit log collection and processing tool is related to a stacked buffer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20260319-73-0009
A vulnerability in the outfile plugin of the Fluent Bit logging tool is related to an incorrect directory path name restriction. Exploitation of the vulnerability could allow an attacker acting remotely to write an arbitrary file outside the target directory...
ROS-20260319-73-0010
A vulnerability in the inforward plug-in of the Fluent Bit logging tool is related to a lack of authentication for a critical function . Exploitation of the vulnerability could allow an attacker acting remotely to bypass existing security restrictions and gain access to the system...
ROS-20260319-73-0011
A vulnerability in the inhttp, insplunk and inelasticsearch plugins of the Fluent Bit log collection and processing tool is related to incorrect input data type validation when processing the tagkey parameter. Exploitation of the vulnerability could allow an attacker acting remotely to disclose a...
AZL-76364 CVE-2025-63658 affecting package fluent-bit 3.1.10-4
A stack overflow in the mkhttpindexlookup function mkserver/mkhttp.c of monkey commit f37e984 allows attackers to cause a Denial of Service DoS via sending a crafted HTTP request to the server...
AZL-76389 CVE-2025-63656 affecting package fluent-bit 3.0.6-6
An out-of-bounds read in the headercmp function mkserver/mkhttpparser.c of monkey commit f37e984 allows attackers to cause a Denial of Service DoS via sending a crafted HTTP request to the server...
AZL-76367 CVE-2025-63656 affecting package fluent-bit 3.1.10-4
An out-of-bounds read in the headercmp function mkserver/mkhttpparser.c of monkey commit f37e984 allows attackers to cause a Denial of Service DoS via sending a crafted HTTP request to the server...
AZL-76361 CVE-2025-63657 affecting package fluent-bit 3.1.10-4
An out-of-bounds read in the mkmimetypefind function mkserver/mkmimetype.c of monkey commit f37e984 allows attackers to cause a Denial of Service DoS via sending a crafted HTTP request to the server...
AZL-76392 CVE-2025-63657 affecting package fluent-bit 3.0.6-6
An out-of-bounds read in the mkmimetypefind function mkserver/mkmimetype.c of monkey commit f37e984 allows attackers to cause a Denial of Service DoS via sending a crafted HTTP request to the server...
AZL-76386 CVE-2025-63658 affecting package fluent-bit 3.0.6-6
A stack overflow in the mkhttpindexlookup function mkserver/mkhttp.c of monkey commit f37e984 allows attackers to cause a Denial of Service DoS via sending a crafted HTTP request to the server...
AZL-76355 CVE-2025-63650 affecting package fluent-bit 3.1.10-4
An out-of-bounds read in the mkptrtobuf in mkcore function mkmemory.c of monkey commit f37e984 allows attackers to cause a Denial of Service DoS via sending a crafted HTTP request to the server...
AZL-76466 CVE-2025-63653 affecting package fluent-bit 3.0.6-6
An out-of-bounds read in the mkvhostfdtclose function mkserver/mkvhost.c of monkey commit f37e984 allows attackers to cause a Denial of Service DoS via sending a crafted HTTP request to the server...
AZL-76383 CVE-2025-63650 affecting package fluent-bit 3.0.6-6
An out-of-bounds read in the mkptrtobuf in mkcore function mkmemory.c of monkey commit f37e984 allows attackers to cause a Denial of Service DoS via sending a crafted HTTP request to the server...
AZL-76358 CVE-2025-63655 affecting package fluent-bit 3.1.10-4
A NULL pointer dereference in the mkhttprangeparse function mkserver/mkhttp.c of monkey commit f37e984 allows attackers to cause a Denial of Service DoS via sending a crafted HTTP request to the server...