4 matches found
AZL-71074 CVE-2025-12970 affecting package fluent-bit for versions less than 3.0.6-6
The extractname function in Fluent Bit indocker input plugin copies container names into a fixed size stack buffer without validating length. An attacker who can create containers or control container names, can supply a long name that overflows the buffer, leading to process crash or arbitrary...
CVE-2025-12970
The extractname function in Fluent Bit indocker input plugin copies container names into a fixed size stack buffer without validating length. An attacker who can create containers or control container names, can supply a long name that overflows the buffer, leading to process crash or arbitrary...
CVE-2025-12970 CVE-2025-12970
The extractname function in Fluent Bit indocker input plugin copies container names into a fixed size stack buffer without validating length. An attacker who can create containers or control container names, can supply a long name that overflows the buffer, leading to process crash or arbitrary...
PT-2025-47921
Name of the Vulnerable Software and Affected Versions Fluent Bit versions affected versions not specified Description The extract name function within the in docker input plugin of Fluent Bit contains a buffer overflow issue. This occurs because the function copies container names into a fixed-si...