Fluid Attacks incident

Error with reattack request verification

Notice Resolved View vendor source →

Fluid Attacks experienced a notice incident on November 24, 2025 affecting Platform, lasting 4h 37m. The incident has been resolved; the full update timeline is below.

Started
Nov 24, 2025, 06:53 PM UTC
Resolved
Nov 24, 2025, 11:30 PM UTC
Duration
4h 37m
Detected by Pingoru
Nov 24, 2025, 06:53 PM UTC

Affected components

Platform

Update timeline

  1. identified Nov 25, 2025, 06:53 PM UTC

    An issue has been identified affecting the verification process for reattack requests.

  2. resolved Nov 25, 2025, 07:04 PM UTC

    The incident has been resolved, and reattack requests are now being processed correctly.

  3. postmortem Nov 25, 2025, 07:35 PM UTC

    **Impact** At least one user experienced issues with reattack processing. The issue started on UTC-5 25-11-21 12:39 and was reactively discovered 3 days \(TTD\) later by a client who reported through our help desk [\[1\]](https://help.fluidattacks.com/agent/fluid4ttacks/fluid-attacks/tickets/details/944043000055268001) that reattacks remained stuck in the REQUESTED state for many hours after being submitted. The problem was resolved in 4.3 hours \(TTF\), resulting in a total window of exposure of 3.2 days \(WOE\) [\[2\]](https://gitlab.com/fluidattacks/universe/-/issues/18164). **Cause** A combination of issues led to the issue: a bug introduced in the vulnerability-reporting system prevented the reattack results produced after the SAST\+SCA scan from being processed, affecting all reattacks requested; the fix for this bug was delayed for several hours because the affected namespace was unable to deploy updates or scale correctly; and a second backend issue in the cloning flow disrupted the scheduler responsible for re-queuing reattacks that had been waiting for long periods, leaving them stuck in the REQUESTED state [\[3\]](https://gitlab.com/fluidattacks/universe/-/merge_requests/88658),[\[4\]](https://gitlab.com/fluidattacks/universe/-/merge_requests/89135). **Solution** To fully restore correct behavior, the processing of static scan inputs was wrapped in a robust error-handling block that logs detailed information and notifies the workflow engine when failures occur, preventing silent interruptions, and the logic responsible for checking existing jobs was updated to include the scheduler that retries delayed reattacks, ensuring these tasks are properly recognized and processed [\[5\]](https://gitlab.com/fluidattacks/universe/-/merge_requests/89274),[\[6\]](https://gitlab.com/fluidattacks/universe/-/merge_requests/89313). **Conclusion** A processing bug, a deployment issue, and a scheduler logic flaw caused the incident. All contributing issues have now been fixed. Reattacks are once again processed reliably, and additional safeguards were added to ensure that failures in report processing and job scheduling are detected and handled safely in the future. **INFRASTRUCTURE\_ERROR < UNHENDLED\_EXCEPTION < INCOMPLETE\_PERSPECTIVE**