BIT-fluent-bit-2020-35963

See a problem?
Import Source
https://github.com/bitnami/vulndb/tree/main/data/fluent-bit/BIT-fluent-bit-2020-35963.json
JSON Data
https://api.osv.dev/v1/vulns/BIT-fluent-bit-2020-35963
Aliases
Published
2024-03-06T10:52:31.995Z
Modified
2024-03-06T11:25:28.861Z
Summary
[none]
Details

flbgzipcompress in flb_gzip.c in Fluent Bit before 1.6.4 has an out-of-bounds write because it does not use the correct calculation of the maximum gzip data-size expansion.

References

Affected packages

Bitnami / fluent-bit

Package

Name
fluent-bit
Purl
pkg:bitnami/fluent-bit

Severity

  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator

Affected ranges

Type
SEMVER
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.6.4