fluentd 0.12.38

2 security vulnerabilities found in version 0.12.38

Fluentd Escape Sequence Injection Vulnerability

critical severity CVE-2017-10906
critical severity CVE-2017-10906
Patched versions: >= 0.12.41
Unaffected versions: < 0.12.29

Escape sequence injection vulnerability in Fluentd versions 0.12.29 through 0.12.40 may allow an attacker to change the terminal UI or execute arbitrary commands on the device via unspecified vectors.

Fluent Fluentd and Fluent-ui use default password

high severity CVE-2020-21514
high severity CVE-2020-21514
Affected versions: <= 1.8.0

An issue was discovered in Fluent Fluentd v.1.8.0 and Fluent-ui v.1.2.2 that allows attackers to gain escilated privileges and execute arbitrary code due to use of a default password.

No officially reported memory leakage issues detected.


This gem version does not have any officially reported memory leaked issues.

No license issues detected.


This gem version has a license in the gemspec.

This gem version is available.


This gem version has not been yanked and is still available for usage.