vuln disclosure
Memory Corruption Vulnerability in Fluent Bit Monitoring API (CVE-2024-4323)CVE-2024-4323
Tenable Research discovered a critical memory corruption vulnerability in Fluent Bit's built-in HTTP server, tracked as CVE-2024-4323. The flaw arises from improper validation of input data types in the /api/v1/traces endpoint, potentially leading to denial of service, information disclosure, or remote code execution. Fluent Bit is widely used in cloud monitoring infrastructures, with over 3 billion downloads.