Lucene search
K

257 matches found

OSV
OSV
added 2026/06/26 5:2 p.m.2 views

GHSA-XV9W-7V6Q-HPJH fluent-plugin-s3 Vulnerable to Denial of Service (DoS) via Decompression Bomb in `in_s3`

The fluent-plugin-s3 plugin specifically the ins3 input plugin supports reading and decompressing heavily compressed files such as gzip, lzma2, and lzop from Amazon S3. It was discovered that the plugin read the entire decompressed payload into memory at once without enforcing a strict size limit...

2.7CVSS5.8AI score
Exploits0References3
OSV
OSV
added 2026/06/26 4:36 p.m.3 views

GHSA-72F5-RR8C-R6GR Fluentd is Vulnerable to Server-Side Request Forgery (SSRF) via Placeholder Expansion in `out_http`

The outhttp output plugin allows the use of placeholders such as $tag in the endpoint configuration parameter. It was discovered that if the placeholder value is derived from untrusted user input, an attacker can maliciously control the destination hostname of the outbound HTTP requests made by...

7.2CVSS6AI score
Exploits0References3
OSV
OSV
added 2026/06/26 4:35 p.m.2 views

GHSA-J9CW-HWQF-85W7 Fluentd is Vulnerable to Denial of Service (DoS) via Gzip Decompression Bomb in `in_http` and `in_forward`

Fluentd's inhttp and inforward plugins support receiving gzip-compressed data. While Fluentd correctly enforces size limits on the incoming compressed payloads e.g., via bodysizelimit or chunksizelimit, it was discovered that there is no limit enforced on the size of the decompressed data. If a...

7.5CVSS5.8AI score
Exploits0References3
OSV
OSV
added 2026/06/26 4:32 p.m.2 views

GHSA-PR7J-96CJ-549H Fluentd is Vulnerable to Exposure of Sensitive Information via Monitor Agent API

Fluentd's Monitor Agent plugin inmonitoragent exposes internal metrics and plugin information via a REST API. It was discovered that the API response /api/plugins.json and related endpoints unintentionally includes internal instance variables of loaded plugins. If any plugins store sensitive...

7.5CVSS5.8AI score
Exploits0References3
OSV
OSV
added 2026/06/26 4:32 p.m.2 views

GHSA-44HJ-4M45-FRJ3 Fluentd is Vulnerable to Remote Code Execution (RCE) via Arbitrary File Write in `${tag}` Placeholder

Fluentd allows dynamically constructing file paths using the $tag placeholder. It was discovered that validation for this placeholder was insufficient. If a Fluentd instance is configured to receive logs from untrusted sources and uses the $tag placeholder in file configurations such as the path...

9.8CVSS6.1AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.16 views

PT-2026-53002

Name of the Vulnerable Software and Affected Versions Fluentd versions prior to 1.19.3 Description Insufficient validation of the $tag placeholder allows for the dynamic construction of file paths that can be manipulated. If an instance is configured to receive logs from untrusted sources and use...

9.8CVSS6.1AI score
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.8 views

PT-2026-53005

The out http output plugin allows the use of placeholders such as $tag in the endpoint configuration parameter. It was discovered that if the placeholder value is derived from untrusted user input, an attacker can maliciously control the destination hostname of the outbound HTTP requests made by...

7.2CVSS6AI score
Exploits0References5
Chainguard
Chainguard
added 2026/06/23 8:17 a.m.7 views

CVE-2026-54905 vulnerabilities

Vulnerabilities for packages: ruby4.0-fluentd-kubernetes-daemonset, ruby4.0-rails, ruby3.3-fluentd-kubernetes-daemonset, kube-logging-operator, ruby3.4-rails, ruby3.4-fluentd-kubernetes-daemonset, ruby3.2-fluentd-kubernetes-daemonset, ruby3.2-rails, ruby3.3-rails, kube-fluentd-operator...

5.5CVSS5.9AI score0.00106EPSS
Exploits0
Chainguard
Chainguard
added 2026/06/23 8:17 a.m.9 views

GHSA-6WX8-W4F5-WWCR vulnerabilities

Vulnerabilities for packages: ruby4.0-fluentd-kubernetes-daemonset, ruby4.0-rails, ruby3.3-fluentd-kubernetes-daemonset, kube-logging-operator, ruby3.4-rails, ruby3.4-fluentd-kubernetes-daemonset, ruby3.2-fluentd-kubernetes-daemonset, ruby3.2-rails, ruby3.3-rails, kube-fluentd-operator...

5.9AI score
Exploits0
Chainguard
Chainguard
added 2026/06/23 8:17 a.m.6 views

CVE-2026-54906 vulnerabilities

Vulnerabilities for packages: ruby4.0-fluentd-kubernetes-daemonset, ruby4.0-rails, ruby3.3-fluentd-kubernetes-daemonset, kube-logging-operator, ruby3.4-rails, ruby3.4-fluentd-kubernetes-daemonset, ruby3.2-fluentd-kubernetes-daemonset, ruby3.2-rails, ruby3.3-rails, kube-fluentd-operator...

9.8CVSS5.9AI score0.0016EPSS
Exploits0
Chainguard
Chainguard
added 2026/06/23 8:17 a.m.7 views

CVE-2026-54904 vulnerabilities

Vulnerabilities for packages: ruby4.0-fluentd-kubernetes-daemonset, ruby4.0-rails, ruby3.3-fluentd-kubernetes-daemonset, kube-logging-operator, ruby3.4-rails, ruby3.4-fluentd-kubernetes-daemonset, ruby3.2-fluentd-kubernetes-daemonset, ruby3.2-rails, ruby3.3-rails, kube-fluentd-operator...

8.2CVSS5.9AI score0.00278EPSS
Exploits1
Chainguard
Chainguard
added 2026/06/23 8:17 a.m.5 views

GHSA-WV3X-4VXV-WHPP vulnerabilities

Vulnerabilities for packages: ruby4.0-fluentd-kubernetes-daemonset, ruby4.0-rails, ruby3.3-fluentd-kubernetes-daemonset, kube-logging-operator, ruby3.4-rails, ruby3.4-fluentd-kubernetes-daemonset, ruby3.2-fluentd-kubernetes-daemonset, ruby3.2-rails, ruby3.3-rails, kube-fluentd-operator...

5.9AI score
Exploits0
Chainguard
Chainguard
added 2026/06/23 8:17 a.m.6 views

GHSA-H8W8-99G7-QMVJ vulnerabilities

Vulnerabilities for packages: ruby4.0-fluentd-kubernetes-daemonset, ruby4.0-rails, ruby3.3-fluentd-kubernetes-daemonset, kube-logging-operator, ruby3.4-rails, ruby3.4-fluentd-kubernetes-daemonset, ruby3.2-fluentd-kubernetes-daemonset, ruby3.2-rails, ruby3.3-rails, kube-fluentd-operator...

5.9AI score
Exploits0
Chainguard
Chainguard
added 2026/06/23 8:17 a.m.8 views

GHSA-98M9-HRRM-R99R vulnerabilities

Vulnerabilities for packages: gitlab-cng, gitlab-rails-ce, kube-logging-operator, cinc-auditor, ruby3.3-faraday, logstash, kube-fluentd-operator, gitlab-rails-ce-fips, logstash-fips...

5.9AI score
Exploits0
Chainguard
Chainguard
added 2026/06/23 8:17 a.m.8 views

CVE-2026-54297 vulnerabilities

Vulnerabilities for packages: gitlab-cng, gitlab-rails-ce, kube-logging-operator, cinc-auditor, ruby3.3-faraday, logstash, kube-fluentd-operator, gitlab-rails-ce-fips, logstash-fips...

7.5CVSS7AI score0.00391EPSS
Exploits1
Wolfi
Wolfi
added 2026/04/11 2:51 a.m.11 views

CVE-2026-32282 vulnerabilities

Vulnerabilities for packages: prometheus, aws-flb-kinesis, telegraf, aactl, cert-manager, kubernetes, cilium-envoy, k3s, kube-fluentd-operator, datadog-agent, fscrypt, redka, kyverno, cilium-cli, gitlab-kas, kine, prometheus-operator, coredns, libnvidia-container, zot, nerdctl, kots, net-kourier,...

6.4CVSS6.8AI score0.00292EPSS
Exploits0
Wolfi
Wolfi
added 2026/04/11 2:51 a.m.11 views

CVE-2026-32281 vulnerabilities

Vulnerabilities for packages: tofu-controller, kube-vip, kubernetes-csi-external-resizer, metacontroller, crane, terraform-mcp-server, harbor-scanner-trivy, nri-haproxy, helm-mapkubeapis, victoriametrics, nova, coredns, rancher-fleet, oras, syft, wgcf, kubebuilder, logstash-exporter, cilium,...

7.5CVSS7.1AI score0.00349EPSS
Exploits0
Wolfi
Wolfi
added 2026/04/11 2:51 a.m.9 views

GHSA-7MR4-XJXG-34G6 vulnerabilities

Vulnerabilities for packages: migrate, telegraf, tofu-controller, cloud-provider-vsphere, kube-state-metrics, kube-vip, policy-controller, spqr, volume-modifier-for-k8s, kubernetes-csi-external-resizer, rancher-agent, rclone, flux-source-controller, datadog-agent, flux-notification-controller,...

5.9AI score
Exploits0
OSV
OSV
added 2026/04/09 12:45 a.m.5 views

CLEANSTART-2026-HZ73294 Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service

Multiple security vulnerabilities affect the kube-fluentd-operator package. Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service. See references for individual...

9.8CVSS7AI score0.91969EPSS
Exploits4References39
OSV
OSV
added 2026/04/06 2:50 a.m.4 views

CLEANSTART-2026-SQ68600 Security fixes for CVE-2023-45288, CVE-2024-24786, CVE-2024-45338, CVE-2025-22868, CVE-2025-22869, CVE-2025-22872, CVE-2025-47911, CVE-2025-47913, CVE-2025-47914, CVE-2025-58181, CVE-2025-58190, CVE-2025-65637, ghsa-4f99-4q7p-p3gh, ghsa-4v7x-pqxf-cx7m, ghsa-6v2p-p543-phr9, ghsa-8r3f-844c-mc37, ghsa-f6x5-jh6r-wrfv, ghsa-hcg3-q754-cr77, ghsa-j5w8-q4qc-rx2x, ghsa-qxp5-gwg8-xv66, ghsa-v778-237x-gjrc, ghsa-vvgc-356p-c3xw applied in versions: 1.18.2-r0

Multiple security vulnerabilities affect the kube-fluentd-operator package. These issues are resolved in later releases. See references for individual vulnerability details...

7.5CVSS7.1AI score0.91969EPSS
Exploits4References35
Rows per page
Query Builder