Home > Vulnerability Database > CVE-2024-4323

Mend.io Vulnerability Database

CVE-2024-4323

Good to know:

Date: May 20, 2024

A memory corruption vulnerability in Fluent Bit versions 2.0.7 thru 3.0.3. This issue lies in the embedded http server’s parsing of trace requests and may result in denial of service conditions, information disclosure, or remote code execution.

Language: C

Severity Score

9.8

Related Resources (4)

Url: https://tenable.com/security/research/tra-2024-17

Url: https://nvd.nist.gov/vuln/detail/CVE-2024-4323

Url: https://github.com/fluent/fluent-bit/commit/9311b43a258352797af40749ab31a63c32acfd04

Url: https://www.mend.io/vulnerability-database/CVE-2024-4323

Severity Score

9.8

Weakness Type (CWE)

Heap-based Buffer Overflow

CWE-122

Top Fix

Upgrade Version

Upgrade to version 9311b43a258352797af40749ab31a63c32acfd04

Learn More

CVSS v3.1

Base Score:	9.8
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2024-4323

Good to know:

Date: May 20, 2024

Language: C

Severity Score

Related Resources (4)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?