Msrc Azl3 Fluent-Bit 3.1.10-4 On Azure Linux 3.0 vulnerabilities
3 known vulnerabilities affecting msrc/azl3_fluent-bit_3.1.10-4_on_azure_linux_3.0.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM1LOW2
Vulnerabilities
Page 1 of 1
CVE-2025-62408MEDIUMCVSS 5.92025-12-09
CVE-2025-62408 [MEDIUM] CWE-416 c-ares has a Use After Free vulnerability when connection is cleaned up after error
c-ares has a Use After Free vulnerability when connection is cleaned up after error
Mariner: Mariner
GitHub_M: GitHub_M
Customer Action Required: Yes
Remediation: CBL-Mariner Releases
Reference: https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade
msrc
CVE-2025-29477LOWCVSS 3.32025-04-08
CVE-2025-29477 [MEDIUM] CWE-400 An issue in fluent-bit v.3.7.2 allows a local attacker to cause a denial of service via the function consume_event.
An issue in fluent-bit v.3.7.2 allows a local attacker to cause a denial of service via the function consume_event.
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is th
msrc
CVE-2025-29478LOWCVSS 3.62025-04-08
CVE-2025-29478 [MEDIUM] CWE-400 An issue in fluent-bit v.3.7.2 allows a local attacker to cause a denial of service via the cfl_list_size in cfl_list.h:165.
An issue in fluent-bit v.3.7.2 allows a local attacker to cause a denial of service via the cfl_list_size in cfl_list.h:165.
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure
msrc