Msrc Azl3 Fluent-Bit 3.1.10-2 On Azure Linux 3.0 vulnerabilities
6 known vulnerabilities affecting msrc/azl3_fluent-bit_3.1.10-2_on_azure_linux_3.0.
Total CVEs
6
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH2MEDIUM2LOW2
Vulnerabilities
Page 1 of 1
CVE-2025-62408MEDIUMCVSS 5.92025-12-09
CVE-2025-62408 [MEDIUM] CWE-416 c-ares has a Use After Free vulnerability when connection is cleaned up after error
c-ares has a Use After Free vulnerability when connection is cleaned up after error
Mariner: Mariner
GitHub_M: GitHub_M
Customer Action Required: Yes
Remediation: CBL-Mariner Releases
Reference: https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade
msrc
CVE-2025-12977HIGHCVSS 8.32025-11-11
CVE-2025-12977 [CRITICAL] CWE-1287 CVE-2025-12977: CVE-2025-12977
Mariner: Mariner
certcc: certcc
Customer Action Required: Yes
Remediation: CBL-Mariner Releases
Reference: https://learn
CVE-2025-12977
Mariner: Mariner
certcc: certcc
Customer Action Required: Yes
Remediation: CBL-Mariner Releases
Reference: https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade
msrc
CVE-2025-12970HIGHCVSS 8.82025-11-11
CVE-2025-12970 [HIGH] CWE-120 CVE-2025-12970: CVE-2025-12970
Mariner: Mariner
certcc: certcc
Customer Action Required: Yes
Remediation: CBL-Mariner Releases
Reference: https://learn
CVE-2025-12970
Mariner: Mariner
certcc: certcc
Customer Action Required: Yes
Remediation: CBL-Mariner Releases
Reference: https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade
msrc
CVE-2025-12969MEDIUMCVSS 6.52025-11-11
CVE-2025-12969 [MEDIUM] CWE-306 CVE-2025-12969: CVE-2025-12969
Mariner: Mariner
certcc: certcc
Customer Action Required: Yes
Remediation: CBL-Mariner Releases
Reference: https://learn
CVE-2025-12969
Mariner: Mariner
certcc: certcc
Customer Action Required: Yes
Remediation: CBL-Mariner Releases
Reference: https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade
msrc
CVE-2025-29477LOWCVSS 3.32025-04-08
CVE-2025-29477 [MEDIUM] CWE-400 An issue in fluent-bit v.3.7.2 allows a local attacker to cause a denial of service via the function consume_event.
An issue in fluent-bit v.3.7.2 allows a local attacker to cause a denial of service via the function consume_event.
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is th
msrc
CVE-2025-29478LOWCVSS 3.62025-04-08
CVE-2025-29478 [MEDIUM] CWE-400 An issue in fluent-bit v.3.7.2 allows a local attacker to cause a denial of service via the cfl_list_size in cfl_list.h:165.
An issue in fluent-bit v.3.7.2 allows a local attacker to cause a denial of service via the cfl_list_size in cfl_list.h:165.
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure
msrc