Advisories for Gem/Fluent-Plugin-S3 package

2026

fluent-plugin-s3 Vulnerable to Denial of Service (DoS) via Decompression Bomb in `in_s3`

The fluent-plugin-s3 plugin (specifically the `in_s3` input plugin) supports reading and decompressing heavily compressed files (such as gzip, lzma2, and lzop) from Amazon S3. It was discovered that the plugin read the entire decompressed payload into memory at once without enforcing a strict size limit. If an attacker has sufficient permissions to upload files to the monitored S3 bucket, they can upload a maliciously crafted, highly compressed file. When Fluentd …
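The general mitigation for this class of issue, shown as an added example that is neither the plugin's code nor its actual fix: decompress in fixed-size chunks and abort as soon as a byte budget is exceeded, instead of reading the whole payload at once. The names `bounded_gunzip`, `DecompressedSizeExceeded` and `make_gzip`, the chunk size and the limits are assumptions, and the sample input is constructed inline.

```ruby
require "zlib"
require "stringio"

# Hypothetical error type for this example.
class DecompressedSizeExceeded < StandardError; end

CHUNK = 16 * 1024 # bytes of decompressed output requested per read

# Constructed sample input: `size` zero bytes, gzip-compressed.
# Zeros compress at roughly 1000:1, which is what makes such a file cheap to upload.
def make_gzip(size)
  Zlib.gzip("\0".b * size)
end

# Unbounded pattern of the kind the advisory describes: the whole
# decompressed payload is materialised in memory in one call.
def unbounded_gunzip(io)
  Zlib::GzipReader.new(io).read
end

# Bounded pattern: stream the output chunk by chunk, count decompressed bytes,
# and stop before handing more than `limit` bytes to the caller.
# Yields each accepted chunk; returns the total decompressed size.
def bounded_gunzip(io, limit:)
  gz = Zlib::GzipReader.new(io)
  total = 0
  while (chunk = gz.read(CHUNK)) # returns nil at end of stream
    total += chunk.bytesize
    if total > limit
      raise DecompressedSizeExceeded, "decompressed size exceeds #{limit} bytes"
    end
    yield chunk if block_given?
  end
  total
ensure
  gz&.close
end

if __FILE__ == $PROGRAM_NAME
  bomb = make_gzip(8 * 1024 * 1024)
  puts "compressed: #{bomb.bytesize} bytes, decompressed: 8388608 bytes"
  begin
    bounded_gunzip(StringIO.new(bomb), limit: 1024 * 1024) { |c| c }
  rescue DecompressedSizeExceeded => e
    puts "rejected: #{e.message}"
  end
end
```

Peak memory in the bounded version is one chunk plus whatever the consumer retains, so the limit holds regardless of the object's compression ratio.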