Msrc Cbl2 Fluent-Bit 3.0.6-4 On Cbl Mariner 2.0 vulnerabilities

CVE-2025-12977 [CRITICAL] CWE-1287 CVE-2025-12977: CVE-2025-12977 Mariner: Mariner certcc: certcc Customer Action Required: Yes Remediation: CBL-Mariner Releases Reference: https://learn CVE-2025-12977 Mariner: Mariner certcc: certcc Customer Action Required: Yes Remediation: CBL-Mariner Releases Reference: https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade

CVE-2025-12970 [HIGH] CWE-120 CVE-2025-12970: CVE-2025-12970 Mariner: Mariner certcc: certcc Customer Action Required: Yes Remediation: CBL-Mariner Releases Reference: https://learn CVE-2025-12970 Mariner: Mariner certcc: certcc Customer Action Required: Yes Remediation: CBL-Mariner Releases Reference: https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade

CVE-2025-12969 [MEDIUM] CWE-306 CVE-2025-12969: CVE-2025-12969 Mariner: Mariner certcc: certcc Customer Action Required: Yes Remediation: CBL-Mariner Releases Reference: https://learn CVE-2025-12969 Mariner: Mariner certcc: certcc Customer Action Required: Yes Remediation: CBL-Mariner Releases Reference: https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade

CVE-2025-64713 [MEDIUM] CWE-119 WebAssembly Micro Runtime frame_offset_bottom array bounds overflow in fast Interpreter mode when handling GET_GLOBAL(I32) followed by if opcode WebAssembly Micro Runtime frame_offset_bottom array bounds overflow in fast Interpreter mode when handling GET_GLOBAL(I32) followed by if opcode Mariner: Mariner GitHub_M: GitHub_M Customer Action Required: Yes

CVE-2025-64704 [MEDIUM] CWE-754 WebAssembly Micro Runtime vulnerable to a segmentation fault in v128.store instruction WebAssembly Micro Runtime vulnerable to a segmentation fault in v128.store instruction Mariner: Mariner GitHub_M: GitHub_M Customer Action Required: Yes

CVE-2025-58749 [LOW] CWE-822 WAMR runtime hangs or crashes with large memory.fill addresses in LLVM-JIT mode WAMR runtime hangs or crashes with large memory.fill addresses in LLVM-JIT mode FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure ver

CVE-2025-29477 [MEDIUM] CWE-400 An issue in fluent-bit v.3.7.2 allows a local attacker to cause a denial of service via the function consume_event. An issue in fluent-bit v.3.7.2 allows a local attacker to cause a denial of service via the function consume_event. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is th

CVE-2025-29478 [MEDIUM] CWE-400 An issue in fluent-bit v.3.7.2 allows a local attacker to cause a denial of service via the cfl_list_size in cfl_list.h:165. An issue in fluent-bit v.3.7.2 allows a local attacker to cause a denial of service via the cfl_list_size in cfl_list.h:165. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure

CVE-2018-14040 [MEDIUM] In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attributeIn Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attributeIn Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of