Описание
Fluentd collects events from various data sources and writes them to files to help unify logging infrastructure. The parser_apache2 plugin in Fluentd v0.14.14 to v1.14.1 suffers from a regular expression denial of service (ReDoS) vulnerability. A broken apache log with a certain pattern of string can spend too much time in a regular expression, resulting in the potential for a DoS attack. This issue is patched in version 1.14.2 There are two workarounds available. Either don't use parser_apache2 for parsing logs (which cannot guarantee generated by Apache), or put patched version of parser_apache2.rb into /etc/fluent/plugin directory (or any other directories specified by the environment variable FLUENT_PLUGIN or --plugin option of fluentd).
Отчет
The OpenShift Logging team does not configure to use the parser_apache2 plugin. Fixes for this vulnerbility will be delivered in a future fluentd update.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Logging Subsystem for Red Hat OpenShift | openshift-logging/fluentd-rhel8 | Will not fix | ||
| Red Hat OpenShift Container Platform 3.11 | fluentd | Out of support scope | ||
| Red Hat OpenShift Container Platform 4 | openshift4/ose-logging-fluentd | Out of support scope | ||
| Red Hat OpenStack Platform 10 (Newton) | puppet-fluentd | Out of support scope | ||
| Red Hat OpenStack Platform 10 (Newton) Operational Tools | fluentd | Out of support scope | ||
| Red Hat OpenStack Platform 13 (Queens) | puppet-fluentd | Out of support scope | ||
| Red Hat OpenStack Platform 13 (Queens) Operational Tools | fluentd | Out of support scope |
Показывать по
Дополнительная информация
Статус:
5.9 Medium
CVSS3
Связанные уязвимости
Fluentd collects events from various data sources and writes them to files to help unify logging infrastructure. The parser_apache2 plugin in Fluentd v0.14.14 to v1.14.1 suffers from a regular expression denial of service (ReDoS) vulnerability. A broken apache log with a certain pattern of string can spend too much time in a regular expression, resulting in the potential for a DoS attack. This issue is patched in version 1.14.2 There are two workarounds available. Either don't use parser_apache2 for parsing logs (which cannot guarantee generated by Apache), or put patched version of parser_apache2.rb into /etc/fluent/plugin directory (or any other directories specified by the environment variable `FLUENT_PLUGIN` or `--plugin` option of fluentd).
Fluentd collects events from various data sources and writes them to f ...
5.9 Medium
CVSS3