CNNVD-202511-2647 Information

CNNVD ID

CNNVD-202511-2647

Related CVE

CVE-2025-12969

• CNNVD Published: 2025-11-24

Description (Chinese)

Fluent Bit是Fluent开源的一款使用C语言编写的开源日志处理和分析系统。 Fluent Bit存在安全漏洞，该漏洞源于未正确实施security.users身份验证机制，可能导致远程攻击者发送未经验证的数据，破坏日志真实性和完整性。

Description (English)

Fluent Bit is an open source log processing and analysis system in the C language of the Fluent Open Source. Fluent Bit has a security loophole, which stems from the incorrect implementation of the security.user identification mechanism, which may lead to the transmission of unverified data by remote assailants, undermining the authenticity and integrity of the log.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Fluent

Published

2025-11-24

Last Modified

2026-02-24

References

https://fluentbit.io/announcements/v4.1.0/ https://access.redhat.com/security/cve/cve-2025-12969

Patch

https://github.com/fluent/fluent-bit/releases