CVE-2017-10906
N/A
N/A
Summary
Escape sequence injection vulnerability in Fluentd versions 0.12.29 through 0.12.40 may allow an attacker to change the terminal UI or execute arbitrary commands on the device via unspecified vectors.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Cloud Native Computing Foundation (CNCF) | Fluentd | 0.12.29 through 0.12.40 | affected |
Weaknesses
- Escape Sequence Injection
ADP Enrichment
CVE Program Container
Additional References
- https://access.redhat.com/errata/RHSA-2018:2225
- https://jvn.jp/en/vu/JVNVU95124098/index.html
- https://github.com/fluent/fluentd/blob/v0.12/CHANGELOG.md#bug-fixes
- https://github.com/fluent/fluentd/pull/1733
References
- https://access.redhat.com/errata/RHSA-2018:2225
- https://jvn.jp/en/vu/JVNVU95124098/index.html
- https://github.com/fluent/fluentd/blob/v0.12/CHANGELOG.md#bug-fixes
- https://github.com/fluent/fluentd/pull/1733
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.