📦 Fluent Bit
by Treasuredata
🔍 What is Fluent Bit?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
This vulnerability in Fluent Bit's input plugins allows attackers to inject malicious tag_key values containing special characters. When exploited, this can lead to newline injection, path traversal, ...
A heap-based buffer overflow vulnerability in Fluent Bit's embedded HTTP server allows attackers to corrupt memory by sending specially crafted trace requests. This can lead to denial of service, info...
CVE-2021-36088 is a double-free vulnerability in Fluent Bit's JSON parser that can lead to memory corruption and potential remote code execution. This affects Fluent Bit versions 1.7.0 through 1.7.4 w...
CVE-2025-12970 is a buffer overflow vulnerability in Fluent Bit's in_docker input plugin that allows attackers who can create or control container names to crash the Fluent Bit process or execute arbi...
CVE-2024-50608 is a NULL pointer dereference vulnerability in Fluent Bit's Prometheus Remote Write input plugin that allows remote denial of service attacks. When an attacker sends a packet with Conte...
CVE-2024-50609 is a NULL pointer dereference vulnerability in Fluent Bit's OpenTelemetry input plugin that allows remote denial of service attacks. When an attacker sends a packet with Content-Length:...
CVE-2024-26455 is a use-after-free vulnerability in fluent-bit's custom_calyptia plugin that could allow attackers to execute arbitrary code or cause denial of service. This affects systems running fl...
CVE-2021-46878 is a type confusion vulnerability in Fluent Bit's msgpack parsing that leads to use-after-free conditions. Attackers can craft malicious files that, when processed by vulnerable Fluent ...
CVE-2025-12972 is a path traversal vulnerability in Fluent Bit's out_file plugin that allows attackers to write files outside the intended output directory by crafting malicious tag values. This affec...
This vulnerability allows remote attackers to bypass authentication in Fluent Bit's in_forward input plugin under certain configurations, enabling them to send unauthenticated log data. Attackers can ...
Fluent Bit's in_http, in_splunk, and in_elasticsearch input plugins have a tag validation flaw where tag prefixes can be incorrectly matched as full tags. This allows authenticated attackers to manipu...
A local denial-of-service vulnerability in fluent-bit v3.7.2 allows attackers to crash the service by exploiting a flaw in the cfl_list_size function. This affects systems running the vulnerable versi...