Описание
Fluentd Escape Sequence Injection Vulnerability
Escape sequence injection vulnerability in Fluentd versions 0.12.29 through 0.12.40 may allow an attacker to change the terminal UI or execute arbitrary commands on the device via unspecified vectors.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2017-10906
- https://github.com/fluent/fluentd/pull/1733
- https://access.redhat.com/errata/RHSA-2018:2225
- https://github.com/fluent/fluentd/blob/v0.12/CHANGELOG.md#bug-fixes
- https://github.com/rubysec/ruby-advisory-db/blob/master/gems/fluentd/CVE-2017-10906.yml
- https://jvn.jp/en/vu/JVNVU95124098/index.html
Пакеты
fluentd
>= 0.12.29, < 0.12.41
0.12.41
Связанные уязвимости
Escape sequence injection vulnerability in Fluentd versions 0.12.29 through 0.12.40 may allow an attacker to change the terminal UI or execute arbitrary commands on the device via unspecified vectors.
Escape sequence injection vulnerability in Fluentd versions 0.12.29 through 0.12.40 may allow an attacker to change the terminal UI or execute arbitrary commands on the device via unspecified vectors.
Escape sequence injection vulnerability in Fluentd versions 0.12.29 th ...