{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T04:29:19.629","vulnerabilities":[{"cve":{"id":"CVE-2017-10906","sourceIdentifier":"vultures@jpcert.or.jp","published":"2017-12-08T15:29:00.260","lastModified":"2025-04-20T01:37:25.860","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Escape sequence injection vulnerability in Fluentd versions 0.12.29 through 0.12.40 may allow an attacker to change the terminal UI or execute arbitrary commands on the device via unspecified vectors."},{"lang":"es","value":"Una vulnerabilidad de inyección de secuencias de escape en Fluentd en las versiones 0.12.29 hasta la 0.12.40 podría permitir que un atacante cambie la interfaz de usuario del terminal o ejecute comandos arbitrarios en el dispositivo mediante vectores sin especificar."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:C/I:C/A:C","baseScore":10.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fluentd:fluentd:0.12.29:*:*:*:*:*:*:*","matchCriteriaId":"E239F1C0-FF43-4BAA-9D5B-3B7E9FEA327C"},{"vulnerable":true,"criteria":"cpe:2.3:a:fluentd:fluentd:0.12.30:*:*:*:*:*:*:*","matchCriteriaId":"2086C8D1-DDC8-4074-95E5-82865839DCA2"},{"vulnerable":true,"criteria":"cpe:2.3:a:fluentd:fluentd:0.12.31:*:*:*:*:*:*:*","matchCriteriaId":"8BC7FD40-1F7D-4A02-98DC-08A076DDD927"},{"vulnerable":true,"criteria":"cpe:2.3:a:fluentd:fluentd:0.12.32:*:*:*:*:*:*:*","matchCriteriaId":"93F62B56-8953-4EE8-94B8-64E354EC60D3"},{"vulnerable":true,"criteria":"cpe:2.3:a:fluentd:fluentd:0.12.33:*:*:*:*:*:*:*","matchCriteriaId":"ABC5C48D-08B0-4477-AB11-168429985D3F"},{"vulnerable":true,"criteria":"cpe:2.3:a:fluentd:fluentd:0.12.34:*:*:*:*:*:*:*","matchCriteriaId":"46F12BEC-8EDE-47B2-ADBF-EAF5FDB56E19"},{"vulnerable":true,"criteria":"cpe:2.3:a:fluentd:fluentd:0.12.35:*:*:*:*:*:*:*","matchCriteriaId":"E27DE234-F139-4964-A0C2-6AFEB48E3712"},{"vulnerable":true,"criteria":"cpe:2.3:a:fluentd:fluentd:0.12.36:*:*:*:*:*:*:*","matchCriteriaId":"4257D676-4D0B-4470-BEA6-437CE56DF3FF"},{"vulnerable":true,"criteria":"cpe:2.3:a:fluentd:fluentd:0.12.37:*:*:*:*:*:*:*","matchCriteriaId":"35209FD8-F148-446B-8FE9-36AD908D9A91"},{"vulnerable":true,"criteria":"cpe:2.3:a:fluentd:fluentd:0.12.38:*:*:*:*:*:*:*","matchCriteriaId":"6DCDBCBA-8F48-47E0-8E04-D69890CAC887"},{"vulnerable":true,"criteria":"cpe:2.3:a:fluentd:fluentd:0.12.39:*:*:*:*:*:*:*","matchCriteriaId":"5D3BAA6D-4AB9-4323-A799-D5B2DAA65785"},{"vulnerable":true,"criteria":"cpe:2.3:a:fluentd:fluentd:0.12.40:*:*:*:*:*:*:*","matchCriteriaId":"D89D4AAD-EE06-4485-A2F7-04B8222B6968"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*","matchCriteriaId":"704CFA1A-953E-4105-BFBE-406034B83DED"}]}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2018:2225","source":"vultures@jpcert.or.jp","tags":["Third Party Advisory"]},{"url":"https://github.com/fluent/fluentd/blob/v0.12/CHANGELOG.md#bug-fixes","source":"vultures@jpcert.or.jp","tags":["Issue Tracking","Release Notes","Third Party Advisory"]},{"url":"https://github.com/fluent/fluentd/pull/1733","source":"vultures@jpcert.or.jp","tags":["Issue Tracking","Patch","Third Party Advisory"]},{"url":"https://jvn.jp/en/vu/JVNVU95124098/index.html","source":"vultures@jpcert.or.jp","tags":["Issue Tracking","Third Party Advisory","VDB Entry"]},{"url":"https://access.redhat.com/errata/RHSA-2018:2225","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://github.com/fluent/fluentd/blob/v0.12/CHANGELOG.md#bug-fixes","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Release Notes","Third Party Advisory"]},{"url":"https://github.com/fluent/fluentd/pull/1733","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Patch","Third Party Advisory"]},{"url":"https://jvn.jp/en/vu/JVNVU95124098/index.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Third Party Advisory","VDB Entry"]}]}}]}