Vulnerabilities > Treasuredata > Fluent BIT > 1.7.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-04-11 | CVE-2021-46878 | Type Confusion vulnerability in Treasuredata Fluent BIT 1.7.1 An issue was discovered in Treasure Data Fluent Bit 1.7.1, erroneous parsing in flb_pack_msgpack_to_json_format leads to type confusion bug that interprets whatever is on the stack as msgpack maps and arrays, leading to use-after-free. | 7.8 |
2023-04-11 | CVE-2021-46879 | Out-of-bounds Write vulnerability in Treasuredata Fluent BIT 1.7.1 An issue was discovered in Treasure Data Fluent Bit 1.7.1, a wrong variable is used to get the msgpack data resulting in a heap overflow in flb_msgpack_gelf_value_ext. | 7.8 |