Threats Tagged 'ghsa-72f5-rr8c-r6gr'
View all threats tagged with 'ghsa-72f5-rr8c-r6gr'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'ghsa-72f5-rr8c-r6gr'
Click on any threat for detailed analysis and mitigation recommendations
GHSA-72f5-rr8c-r6gr: Fluentd is Vulnerable to Server-Side Request Forgery (SSRF) via Placeholder Expansion in `out_http`CVE-2026-44161 0 Fluentd's out_http plugin is vulnerable to Server-Side Request Forgery (SSRF) via placeholder expansion in the endpoint configuration. An attacker can manipulate the destination hostname of outbound HTTP requests if the placeholder value is derived from untrusted input. This allows unauthenticated attackers to make Fluentd send requests to arbitrary internal services, potentially accessing internal APIs or cloud metadata endpoints. The vulnerability affects Fluentd versions prior to 1.19.3. A patch is available in version 1.19.3. Workarounds include avoiding dynamic hostnames in endpoints, restricting network access to sensitive internal IPs, and filtering allowed hosts in placeholders. Join the discussion | GCVE Database | 06/26/2026, 16:36:11 UTC Added: 06/26/2026, 22:05:10 UTC |
Showing 1 to 1 of 1 result