CNNVD-202511-2645 Information

CNNVD ID

CNNVD-202511-2645

Related CVE

CVE-2025-12977

• CNNVD Published: 2025-11-24

Description (Chinese)

Fluent Bit是Fluent开源的一款使用C语言编写的开源日志处理和分析系统。 Fluent Bit存在安全漏洞，该漏洞源于未清理tag_key输入，可能导致换行注入、路径遍历或日志误路由。

Description (English)

Fluent Bit is an open source log processing and analysis system in the C language of the Fluent Open Source. Fluent Bit has a security loophole, which stems from uncleaned tag key input, which could lead to a line-relay, routing or log error.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Fluent

Published

2025-11-24

Last Modified

2026-02-24

References

https://fluentbit.io/announcements/v4.1.0/ https://access.redhat.com/security/cve/cve-2025-12977

Patch

https://github.com/fluent/fluent-bit/releases