Teppei Fukuda

**Name of the Vulnerable Software and Affected Versions** Fluentd versions 0.12.29 through 0.12.40 **Description** The issue allows an attacker to potentially change the terminal UI or execute arbitrary commands on the device via unspecified vectors. **Recommendations** For Fluentd versions 0.12.29 through 0.12.40, update to a version outside of this range to mitigate the risk.

**Name of the Vulnerable Software and Affected Versions** Packetbeat versions prior to 5.6.4 Packetbeat version 6.0.0 **Description** The issue is a denial of service flaw in the PostgreSQL protocol handler. If Packetbeat is listening for PostgreSQL traffic and a user is able to send arbitrary network traffic to the monitored port, the attacker could prevent Packetbeat from properly logging other PostgreSQL traffic. A local attacker can cause a panic due to an out of bounds read if they are able to send arbitrary traffic to a monitored port. **Recommendations** For Packetbeat versions prior to 5.6.4, update to version 5.6.4 or later to resolve the issue. For Packetbeat version 6.0.0, update to a version later than 6.0.0 to resolve the issue. As a temporary workaround, consider restricting access to the monitored port to minimize the risk of exploitation.