CVE-2025-8862

High CVSS: 7.0

YugabyteDB has been collecting diagnostics information from YugabyteDB servers, which may include sensitive gflag configurations. To mitigate this, we recommend upgrading the database to a version where this information is properly redacted.

Vendor

Product

CWE

CWE-201

Yayın Tarihi

2025-08-11 13:15:39

Güncelleme

2025-08-11 18:32:48

Source Identifier

security@yugabyte.com

KEV Date Added

Kategoriler

CWE-201 HIGH 2025

Referanslar

https://docs.yugabyte.com/preview/secure/vulnerability-disclosure-policy/