MidnightBSD

Advisories for fluentbit

CVE-2025-29477

An issue in fluent-bit v.3.7.2 allows a local attacker to cause a denial of service via the function consume_event.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.5 MEDIUM CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:H 0.8 4.7

Products Affected

Vendor Product Version
fluentbit fluent_bit 3.7.2
treasuredata fluent_bit -
CVE-2025-29478

An issue in fluent-bit v.3.7.2 allows a local attacker to cause a denial of service via the cfl_list_size in cfl_list.h:165.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 1.8 3.6

Products Affected

Vendor Product Version
fluentbit fluent_bit 3.7.2
treasuredata fluent_bit -