nvd-json-data-feeds/CVE-2024/CVE-2024-43xx/CVE-2024-4323.json

{
  "id": "CVE-2024-4323",
  "sourceIdentifier": "vulnreport@tenable.com",
  "published": "2024-05-20T12:15:08.720",
  "lastModified": "2024-05-20T13:00:04.957",
  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
      "value": "A memory corruption vulnerability in Fluent Bit versions 2.0.7 thru 3.0.3. This issue lies in the embedded http server\u2019s parsing of trace requests and may result in denial of service conditions, information disclosure, or remote code execution."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "vulnreport@tenable.com",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9
      }
    ]
  },
  "weaknesses": [
    {
      "source": "vulnreport@tenable.com",
      "type": "Secondary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-122"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://github.com/fluent/fluent-bit/commit/9311b43a258352797af40749ab31a63c32acfd04",
      "source": "vulnreport@tenable.com"
    },
    {
      "url": "https://tenable.com/security/research/tra-2024-17",
      "source": "vulnreport@tenable.com"
    }
  ]
}
Auto-Update: 2024-05-20T14:00:39.406986+00:00 2024-05-20 14:03:31 +00:00			`{`
			`"id": "CVE-2024-4323",`
			`"sourceIdentifier": "vulnreport@tenable.com",`
			`"published": "2024-05-20T12:15:08.720",`
			`"lastModified": "2024-05-20T13:00:04.957",`
			`"vulnStatus": "Awaiting Analysis",`
			`"descriptions": [`
			`{`
			`"lang": "en",`
			`"value": "A memory corruption vulnerability in Fluent Bit versions 2.0.7 thru 3.0.3. This issue lies in the embedded http server\u2019s parsing of trace requests and may result in denial of service conditions, information disclosure, or remote code execution."`
			`}`
			`],`
			`"metrics": {`
			`"cvssMetricV31": [`
			`{`
			`"source": "vulnreport@tenable.com",`
			`"type": "Secondary",`
			`"cvssData": {`
			`"version": "3.1",`
			`"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",`
			`"attackVector": "NETWORK",`
			`"attackComplexity": "LOW",`
			`"privilegesRequired": "NONE",`
			`"userInteraction": "NONE",`
			`"scope": "UNCHANGED",`
			`"confidentialityImpact": "HIGH",`
			`"integrityImpact": "HIGH",`
			`"availabilityImpact": "HIGH",`
			`"baseScore": 9.8,`
			`"baseSeverity": "CRITICAL"`
			`},`
			`"exploitabilityScore": 3.9,`
			`"impactScore": 5.9`
			`}`
			`]`
			`},`
			`"weaknesses": [`
			`{`
			`"source": "vulnreport@tenable.com",`
			`"type": "Secondary",`
			`"description": [`
			`{`
			`"lang": "en",`
			`"value": "CWE-122"`
			`}`
			`]`
			`}`
			`],`
			`"references": [`
			`{`
			`"url": "https://github.com/fluent/fluent-bit/commit/9311b43a258352797af40749ab31a63c32acfd04",`
			`"source": "vulnreport@tenable.com"`
			`},`
			`{`
			`"url": "https://tenable.com/security/research/tra-2024-17",`
			`"source": "vulnreport@tenable.com"`
			`}`
			`]`
			`}`