365 matches found
EUVD-2025-4694
Malicious code in bioql PyPI...
CVE-2025-54126 affecting package fluent-bit for versions less than 3.0.6-3
CVE-2025-54126 affecting package fluent-bit for versions less than 3.0.6-3. A patched version of the package is available...
CVE-2025-54126 affecting package fluent-bit for versions less than 3.1.9-5
CVE-2025-54126 affecting package fluent-bit for versions less than 3.1.9-5. A patched version of the package is available...
AZL-67608 CVE-2025-58749 affecting package fluent-bit for versions less than 3.1.9-6
WebAssembly Micro Runtime WAMR is a lightweight standalone WebAssembly Wasm runtime. In WAMR versions prior to 2.4.2, when running in LLVM-JIT mode, the runtime cannot exit normally when executing WebAssembly programs containing a memory.fill instruction where the first operand memory address...
AZL-67617 CVE-2025-58749 affecting package fluent-bit for versions less than 3.0.6-4
WebAssembly Micro Runtime WAMR is a lightweight standalone WebAssembly Wasm runtime. In WAMR versions prior to 2.4.2, when running in LLVM-JIT mode, the runtime cannot exit normally when executing WebAssembly programs containing a memory.fill instruction where the first operand memory address...
An issue in fluent-bit v.3.7.2 allows a local attacker to cause a denial of service via the function consume_event.
...
An issue in fluent-bit v.3.7.2 allows a local attacker to cause a denial of service via the cfl_list_size in cfl_list.h:165.
...
Linux Distros Unpatched Vulnerability : CVE-2024-23722
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Fluent Bit 2.1.8 through 2.2.1, a NULL pointer dereference can be caused via an invalid HTTP payload with the content type of x-www-form-urlencoded. It crash...
AZL-66048 CVE-2025-54126 affecting package fluent-bit for versions less than 3.0.6-3
The WebAssembly Micro Runtime's WAMR iwasm package is the executable binary built with WAMR VMcore which supports WebAssembly System Interface WASI and command line interface. In versions 2.4.0 and below, iwasm uses --addr-pool with an IPv4 address that lacks a subnet mask, allowing the system to...
AZL-66045 CVE-2025-54126 affecting package fluent-bit for versions less than 3.1.9-5
The WebAssembly Micro Runtime's WAMR iwasm package is the executable binary built with WAMR VMcore which supports WebAssembly System Interface WASI and command line interface. In versions 2.4.0 and below, iwasm uses --addr-pool with an IPv4 address that lacks a subnet mask, allowing the system to...
Fedora: Security Advisory (FEDORA-2025-e31c4c683b)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2025-7a83d90b38)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2025-b355fdb8e5)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2021-36088
Fluent Bit aka fluent-bit 1.7.0 through 1.7.4 has a double free in flbfree called from flbparserjsondo and flbparserdo...
CVE-2019-9749
An issue was discovered in the MQTT input plugin in Fluent Bit through 1.0.4. When this plugin acts as an MQTT broker server, it mishandles incoming network messages. After processing a crafted packet, the plugin's mqttpacketdrop function in /plugins/inmqtt/mqttprot.c executes the memmove functio...
BIT-FLUENT-BIT-2024-26455
fluent-bit 2.2.2 contains a Use-After-Free vulnerability in /fluent-bit/plugins/customcalyptia/calyptia.c...
BIT-FLUENT-BIT-2024-50609
An issue was discovered in Fluent Bit 3.1.9. When the OpenTelemetry input plugin is running and listening on an IP address and port, one can send a packet with Content-Length: 0 and it crashes the server. Improper handling of the case when Content-Length is 0 allows a user with access to the...
BIT-FLUENT-BIT-2024-50608
An issue was discovered in Fluent Bit 3.1.9. When the Prometheus Remote Write input plugin is running and listening on an IP address and port, one can send a packet with Content-Length: 0 and it crashes the server. Improper handling of the case when Content-Length is 0 allows a user with access t...
CVE-2025-31498 affecting package fluent-bit for versions less than 3.1.9-4
CVE-2025-31498 affecting package fluent-bit for versions less than 3.1.9-4. A patched version of the package is available...
Azure Linux 3.0 Security Update: c-ares / fluent-bit / grpc / nodejs (CVE-2023-31130)
The version of c-ares / fluent-bit / grpc / nodejs installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-31130 advisory. - c-ares is an asynchronous resolver library. aresinetnetpton is vulnerable to a...