Описание
Escape sequence injection vulnerability in Fluentd versions 0.12.29 through 0.12.40 may allow an attacker to change the terminal UI or execute arbitrary commands on the device via unspecified vectors.
Ссылки
- Third Party Advisory
- Issue TrackingRelease NotesThird Party Advisory
- Issue TrackingPatchThird Party Advisory
- Issue TrackingThird Party AdvisoryVDB Entry
- Third Party Advisory
- Issue TrackingRelease NotesThird Party Advisory
- Issue TrackingPatchThird Party Advisory
- Issue TrackingThird Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:fluentd:fluentd:0.12.29:*:*:*:*:*:*:*
cpe:2.3:a:fluentd:fluentd:0.12.30:*:*:*:*:*:*:*
cpe:2.3:a:fluentd:fluentd:0.12.31:*:*:*:*:*:*:*
cpe:2.3:a:fluentd:fluentd:0.12.32:*:*:*:*:*:*:*
cpe:2.3:a:fluentd:fluentd:0.12.33:*:*:*:*:*:*:*
cpe:2.3:a:fluentd:fluentd:0.12.34:*:*:*:*:*:*:*
cpe:2.3:a:fluentd:fluentd:0.12.35:*:*:*:*:*:*:*
cpe:2.3:a:fluentd:fluentd:0.12.36:*:*:*:*:*:*:*
cpe:2.3:a:fluentd:fluentd:0.12.37:*:*:*:*:*:*:*
cpe:2.3:a:fluentd:fluentd:0.12.38:*:*:*:*:*:*:*
cpe:2.3:a:fluentd:fluentd:0.12.39:*:*:*:*:*:*:*
cpe:2.3:a:fluentd:fluentd:0.12.40:*:*:*:*:*:*:*
Конфигурация 2
cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*
EPSS
Процентиль: 80%
0.01357
Низкий
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 5.3
redhat
больше 8 лет назад
Escape sequence injection vulnerability in Fluentd versions 0.12.29 through 0.12.40 may allow an attacker to change the terminal UI or execute arbitrary commands on the device via unspecified vectors.
CVSS3: 9.8
debian
около 8 лет назад
Escape sequence injection vulnerability in Fluentd versions 0.12.29 th ...
CVSS3: 9.8
github
больше 3 лет назад
Fluentd Escape Sequence Injection Vulnerability
EPSS
Процентиль: 80%
0.01357
Низкий
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
NVD-CWE-noinfo