| Title | Published | Views | Reporter |
|---|---|---|---|
| CVE-2025-12970 affecting package fluent-bit for versions less than 3.0.6-5 | 5 Dec 2025 03:54 | – | cbl_mariner |
| CVE-2025-12969 affecting package fluent-bit for versions less than 3.0.6-6 | 5 Dec 2025 03:54 | – | cbl_mariner |
| CVE-2025-12977 affecting package fluent-bit for versions less than 3.0.6-6 | 5 Dec 2025 03:54 | – | cbl_mariner |
| CVE-2025-12977 affecting package fluent-bit for versions less than 3.1.10-3 | 18 Dec 2025 23:40 | – | cbl_mariner |
| CVE-2025-12969 affecting package fluent-bit for versions less than 3.1.10-3 | 18 Dec 2025 23:40 | – | cbl_mariner |
| CVE-2025-12970 affecting package fluent-bit for versions less than 3.1.10-2 | 6 Dec 2025 00:28 | – | cbl_mariner |
| CVE-2025-12969 | 25 Nov 2025 12:05 | – | circl |
| CVE-2025-12970 | 25 Nov 2025 12:05 | – | circl |
| CVE-2025-12972 | 25 Nov 2025 12:05 | – | circl |
| CVE-2025-12977 | 25 Nov 2025 03:52 | – | circl |

```nasl
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(276933);
  script_version("1.3");

  script_set_attribute(attribute:"plugin_modification_date", value:"2026/03/03");

  script_cve_id(
    "CVE-2025-12969",
    "CVE-2025-12970",
    "CVE-2025-12972",
    "CVE-2025-12977",
    "CVE-2025-12978"
  );
  script_xref(name:"IAVA", value:"2025-A-0880");

  script_name(english:"Fluent Bit < 4.0.12 / 4.1.x < 4.1.1 Multiple Vulnerabilities");

  script_set_attribute(attribute:"synopsis", value:
"A logging processor application is affected by multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The version of Fluent Bit running on the remote host is prior to 4.0.12, or 4.1.x prior to 4.1.1. It is, therefore,
affected by multiple vulnerabilities, including:
- Fluent Bit in_http, in_splunk, and in_elasticsearch input plugins fail to sanitize tag_key inputs. An attacker with
network access or the ability to write records into Splunk or Elasticsearch can supply tag_key values containing
special characters such as newlines or ../ that are treated as valid tags. Because tags influence routing and some
outputs derive filenames or contents from tags, this can allow newline injection, path traversal, forged record
injection, or log misrouting, impacting data integrity and log routing. (CVE-2025-12977)
- The extract_name function in Fluent Bit in_docker input plugin copies container names into a fixed size stack buffer
without validating length. An attacker who can create containers or control container names, can supply a long name
that overflows the buffer, leading to process crash or arbitrary code execution. (CVE-2025-12970)
- Fluent Bit in_forward input plugin does not properly enforce the security.users authentication mechanism under
certain configuration conditions. This allows remote attackers with network access to the Fluent Bit instance
exposing the forward input to send unauthenticated data. By bypassing authentication controls, attackers can inject
forged log records, flood alerting systems, or manipulate routing decisions, compromising the authenticity and
integrity of ingested logs. (CVE-2025-12969)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
  # https://www.oligo.security/blog/critical-vulnerabilities-in-fluent-bit-expose-cloud-environments-to-remote-takeover
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?d46f9bc7");
  script_set_attribute(attribute:"see_also", value:"https://kb.cert.org/vuls/id/761751");
  script_set_attribute(attribute:"solution", value:
"Upgrade to Fluent Bit version 4.0.12 or 4.1.1 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2025-12977");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2025/11/24");
  script_set_attribute(attribute:"patch_publication_date", value:"2025/11/24");
  script_set_attribute(attribute:"plugin_publication_date", value:"2025/12/01");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"x-cpe:/a:fluent_bit:fluent_bit");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Misc.");

  script_copyright(english:"This script is Copyright (C) 2025-2026 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("fluent_bit_detect.nbin");
  script_require_keys("installed_sw/Fluent Bit");

  exit(0);
}

include('vdf.inc');

# @tvdl-content
var vuln_data = {
  'metadata': {'spec_version': '1.0'},
  'checks': [
    {
      'product': {'name': 'Fluent Bit', 'type': 'app'},
      'check_algorithm': 'default',
      'constraints': [
        {'fixed_version':'4.0.12'},
        {'min_version':'4.1.0', 'fixed_version':'4.1.1'}
      ]
    }
  ]
};

var result = vdf::check_and_report(vuln_data:vuln_data, severity:SECURITY_HOLE);
vdf::handle_check_and_report_errors(vdf_result:result);
```
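
The plugin's two version constraints can be reproduced for triaging an inventory of Fluent Bit versions. The Python below is an added example, not Tenable's code: it assumes a constraint matches when `min_version <= v < fixed_version` (no `min_version` meaning no lower bound), and the function names and sample versions are constructed for illustration. Because the check relies only on the self-reported version, a distro package such as the cbl_mariner `3.0.6-6` build listed above is still flagged, so the example marks release-suffixed versions for a backport check.

```python
import re

# Constraints copied from the plugin's vuln_data block.
CONSTRAINTS = [
    {"fixed_version": "4.0.12"},
    {"min_version": "4.1.0", "fixed_version": "4.1.1"},
]

def parse_version(text):
    """Return (upstream version tuple, distro package release or None)."""
    m = re.fullmatch(r"v?(\d+(?:\.\d+)*)(?:-(\d+))?", text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    upstream = tuple(int(p) for p in m.group(1).split("."))
    release = int(m.group(2)) if m.group(2) else None
    return upstream, release

def _pad(v, n=3):
    return v + (0,) * (n - len(v))

def matching_constraint(version_text):
    """Return the first constraint the upstream version falls under, else None.
    Assumed semantics: min_version <= v < fixed_version."""
    upstream, _ = parse_version(version_text)
    v = _pad(upstream)
    for c in CONSTRAINTS:
        low = _pad(parse_version(c["min_version"])[0]) if "min_version" in c else None
        high = _pad(parse_version(c["fixed_version"])[0])
        if (low is None or v >= low) and v < high:
            return c
    return None

def triage(version_text):
    """Classify as 'not-flagged', 'flagged', or 'flagged-verify-backport'."""
    if matching_constraint(version_text) is None:
        return "not-flagged"
    _, release = parse_version(version_text)
    # A release suffix (e.g. 3.0.6-6) indicates a distro package whose fixes
    # may be backported; confirm against the vendor advisory before acting.
    return "flagged-verify-backport" if release is not None else "flagged"

if __name__ == "__main__":
    # Constructed sample inventory.
    for sample in ["3.2.10", "4.0.11", "4.0.12", "4.1.0", "4.1.1", "3.0.6-6"]:
        print(sample, triage(sample))
```
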