CVE-2017-10906

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2017-10906

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-10906.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2017-10906

Aliases

GHSA-5jrp-w8fr-mrww

Downstream

RHSA-2018:2225

Published

2017-12-08T15:29:00.260Z

Modified

2025-11-14T04:55:30.763604Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

Escape sequence injection vulnerability in Fluentd versions 0.12.29 through 0.12.40 may allow an attacker to change the terminal UI or execute arbitrary commands on the device via unspecified vectors.

References

Affected packages

Git / github.com/fluent/fluentd

Affected ranges

Type: GIT
Repo: https://github.com/fluent/fluentd
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

0c44166f8d1c355c6095de411006ab963c8b6dc4

Last affected

423cf7f9cf27950d89e7814fb3039b027b501924

Last affected

424960808693efdccb04230bd7754332bde58661

Last affected

4441ec78af292ef22eb4fd6ea6ea3603eb4c1e79

Last affected

55f0d0f785abbf7b09ca2fe4a47df6dfeaed3bb8

Last affected

79a2cbe26815aa8964cec25f0b2da62071da2c43

Last affected

8a89be543cba59e3d377d226ee28f1f91277517f

Last affected

beca7383a6c214d266b367bffd82f72e836b3dee

Last affected

cd458194c949851a2b76c06b994330e964b55cc0

Last affected

d5e0a61e06a7cfeb7266b018e77ac74f85c0c06d

Last affected

dc9753d0db1e9f9ea0a4d9da53be7f1cb104bf3a

Last affected

fb743e3f851b56fd76c3804738ed64d647e387ef

Affected versions

v0.*

v0.10.0

v0.10.1

v0.10.10

v0.10.11

v0.10.12

v0.10.13

v0.10.14

v0.10.15

v0.10.16

v0.10.17

v0.10.18

v0.10.19

v0.10.2

v0.10.20

v0.10.21

v0.10.22

v0.10.23

v0.10.24

v0.10.25

v0.10.26

v0.10.27

v0.10.28

v0.10.3

v0.10.30

v0.10.31

v0.10.32

v0.10.34

v0.10.35

v0.10.36

v0.10.37

v0.10.38

v0.10.39

v0.10.4

v0.10.40

v0.10.41

v0.10.42

v0.10.43

v0.10.44

v0.10.45

v0.10.46

v0.10.47

v0.10.48

v0.10.49

v0.10.5

v0.10.50

v0.10.51

v0.10.52

v0.10.53

v0.10.6

v0.10.7

v0.10.8

v0.10.9

v0.12.0

v0.12.0.pre.1

v0.12.0.pre.2

v0.12.0.pre.3

v0.12.1

v0.12.10

v0.12.11

v0.12.12

v0.12.13

v0.12.14

v0.12.15

v0.12.16

v0.12.17

v0.12.18

v0.12.19

v0.12.2

v0.12.20

v0.12.21

v0.12.22

v0.12.23

v0.12.24

v0.12.25

v0.12.26

v0.12.27

v0.12.28

v0.12.29

v0.12.3

v0.12.30

v0.12.4

v0.12.5

v0.12.6

v0.12.7

v0.12.8

v0.12.9

v0.9.0

v0.9.1

v0.9.10

v0.9.11

v0.9.12

v0.9.13

v0.9.14

v0.9.15

v0.9.16

v0.9.17

v0.9.18

v0.9.19

v0.9.2

v0.9.20

v0.9.21

v0.9.3

v0.9.4

v0.9.5

v0.9.6

v0.9.7

v0.9.8

v0.9.9

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-10906.json"