1 results (0.003 seconds)

CVSS: 10.0EPSS: 0%CPEs: 13EXPL: 0

Escape sequence injection vulnerability in Fluentd versions 0.12.29 through 0.12.40 may allow an attacker to change the terminal UI or execute arbitrary commands on the device via unspecified vectors. Una vulnerabilidad de inyección de secuencias de escape en Fluentd en las versiones 0.12.29 hasta la 0.12.40 podría permitir que un atacante cambie la interfaz de usuario del terminal o ejecute comandos arbitrarios en el dispositivo mediante vectores sin especificar. • https://access.redhat.com/errata/RHSA-2018:2225 https://github.com/fluent/fluentd/blob/v0.12/CHANGELOG.md#bug-fixes https://github.com/fluent/fluentd/pull/1733 https://jvn.jp/en/vu/JVNVU95124098/index.html https://access.redhat.com/security/cve/CVE-2017-10906 https://bugzilla.redhat.com/show_bug.cgi?id=1524783 • CWE-138: Improper Neutralization of Special Elements •