Lucene search
K

5 matches found

OSV
OSV
added 2025/12/01 8:38 p.m.5 views

BIT-FLUENT-BIT-2025-12972 CVE-2025-12972

Fluent Bit outfile plugin does not properly sanitize tag values when deriving output file names. When the File option is omitted, the plugin uses untrusted tag input to construct file paths. This allows attackers with network access to craft tags containing path traversal sequences that cause...

5.3CVSS6.9AI score0.00666EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/11/25 3:8 p.m.6 views

CVE-2025-12972

Fluent Bit outfile plugin does not properly sanitize tag values when deriving output file names. When the File option is omitted, the plugin uses untrusted tag input to construct file paths. This allows attackers with network access to craft tags containing path traversal sequences that cause...

5.3CVSS6.9AI score0.00666EPSS
Exploits0References1
CVE
CVE
added 2025/11/24 2:40 p.m.29 views

CVE-2025-12972

CVE-2025-12972 affects Fluent Bit, specifically the out_file plugin. When the File option is omitted, untrusted tag input is used to build output file paths, and tags containing path traversal sequences can cause files to be written outside the intended directory. This may enable unauthorized fil...

5.3CVSS6.5AI score0.00666EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/11/24 2:40 p.m.3 views

CVE-2025-12972 CVE-2025-12972

Fluent Bit outfile plugin does not properly sanitize tag values when deriving output file names. When the File option is omitted, the plugin uses untrusted tag input to construct file paths. This allows attackers with network access to craft tags containing path traversal sequences that cause...

6.5AI score0.00666EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/11/24 12:0 a.m.5 views

PT-2025-47922

Name of the Vulnerable Software and Affected Versions Fluent Bit versions prior to 4.1.1 Description The out file plugin in Fluent Bit does not properly sanitize tag values when creating output file names. If the File option is not specified, the plugin utilizes tag input, which is considered...

5.3CVSS6.9AI score0.00666EPSS
Exploits0References18
Rows per page
Query Builder