Lucene search
K

4 matches found

OSV
OSV
added 2026/06/26 4:35 p.m.2 views

GHSA-J9CW-HWQF-85W7 Fluentd is Vulnerable to Denial of Service (DoS) via Gzip Decompression Bomb in `in_http` and `in_forward`

Fluentd's inhttp and inforward plugins support receiving gzip-compressed data. While Fluentd correctly enforces size limits on the incoming compressed payloads e.g., via bodysizelimit or chunksizelimit, it was discovered that there is no limit enforced on the size of the decompressed data. If a...

7.5CVSS5.8AI score
Exploits0References3
Redos
Redos
added 2026/03/19 12:0 a.m.8 views

ROS-20260319-73-0010

A vulnerability in the inforward plug-in of the Fluent Bit logging tool is related to a lack of authentication for a critical function . Exploitation of the vulnerability could allow an attacker acting remotely to bypass existing security restrictions and gain access to the system...

6.5CVSS5.8AI score0.00555EPSS
Exploits0
NVD
NVD
added 2025/11/24 3:15 p.m.6 views

CVE-2025-12969

Fluent Bit inforward input plugin does not properly enforce the security.users authentication mechanism under certain configuration conditions. This allows remote attackers with network access to the Fluent Bit instance exposing the forward input to send unauthenticated data. By bypassing...

6.5CVSS0.00555EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/11/24 2:41 p.m.2 views

CVE-2025-12969 CVE-2025-12969

Fluent Bit inforward input plugin does not properly enforce the security.users authentication mechanism under certain configuration conditions. This allows remote attackers with network access to the Fluent Bit instance exposing the forward input to send unauthenticated data. By bypassing...

6.8AI score0.00555EPSS
Exploits0References2
Rows per page
Query Builder