mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 01:02:25 +00:00
24 lines
874 B
JSON
24 lines
874 B
JSON
{
|
|
"id": "CVE-2021-46879",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2023-04-11T18:15:58.387",
|
|
"lastModified": "2023-04-11T18:19:45.473",
|
|
"vulnStatus": "Undergoing Analysis",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "An issue was discovered in Treasure Data Fluent Bit 1.7.1, a wrong variable is used to get the msgpack data resulting in a heap overflow in flb_msgpack_gelf_value_ext. An attacker can craft a malicious file and tick the victim to open the file with the software, triggering a heap overflow and execute arbitrary code on the target system."
|
|
}
|
|
],
|
|
"metrics": {},
|
|
"references": [
|
|
{
|
|
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26851",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://github.com/fluent/fluent-bit/pull/3100",
|
|
"source": "cve@mitre.org"
|
|
}
|
|
]
|
|
} |