CVE-2024-23722

Published: Mar 26, 2024

Modified: Aug 6, 2024

PUBLISHED

Description

In Fluent Bit 2.1.8 through 2.2.1, a NULL pointer dereference can be caused via an invalid HTTP payload with the content type of x-www-form-urlencoded. It crashes and does not restart. This could result in logs not being delivered properly.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/fluent/fluent-bit/compare/v2.2.1...v2.2.2

https://medium.com/%40adurands82/fluent-bit-dos-vulnerability-cve-2024-23722-4e3e74af9d00

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-23722

Description

Affected Products

References