Fluent Bit Security Vulnerabilities and Issues — Fluent Bit CVE List

Lucene search

TreasuredataFluent Bit

3 matches found

CVE•added 2021/07/01 3:15 a.m.•75 views

CVE-2021-36088

Fluent Bit (aka fluent-bit) 1.7.0 through 1.7.4 has a double free in flb_free (called from flb_parser_json_do and flb_parser_do).

9.8CVSS9.5AI score0.0051EPSS

CVE•added 2021/01/03 7:15 p.m.•61 views

CVE-2020-35963

flb_gzip_compress in flb_gzip.c in Fluent Bit before 1.6.4 has an out-of-bounds write because it does not use the correct calculation of the maximum gzip data-size expansion.

7.8CVSS7.6AI score0.00376EPSS

CVE•added 2021/02/10 10:15 p.m.•39 views

CVE-2021-27186

Fluent Bit 1.6.10 has a NULL pointer dereference when an flb_malloc return value is not validated by flb_avro.c or http_server/api/v1/metrics.c.

7.5CVSS7.5AI score0.00409EPSS