May 21, 2024 at 03:01AM Cybersecurity researchers discovered a critical security flaw, CVE-2024-4323, in the popular logging and metrics utility Fluent Bit, impacting versions 2.0.7 through 3.0.3. The flaw allows for denial-of-service (DoS), information disclosure, or remote code execution by exploiting the API’s endpoints. Users are urged to update to version 3.0.4 to mitigate potential … Read more
May 20, 2024 at 11:42AM Fluent Bit, a widely used logging utility, has a critical vulnerability allowing DoS attacks, information disclosure, and potential RCE. Tenable found a memory corruption flaw, affecting major cloud and tech companies. While a patch is developed, it’s not released. Users are advised to mitigate risks by restricting API access and … Read more
December 28, 2023 at 08:54AM Google Cloud addressed a medium-severity security flaw that could allow escalation of privileges for attackers with access to a Kubernetes cluster. Palo Alto Networks Unit 42 discovered the vulnerability, which could lead to data theft and disruption of cluster operations. The issue has been fixed in specific versions of Google … Read more