CVE-2025-12972

Source
https://cve.org/CVERecord?id=CVE-2025-12972
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-12972.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-12972
Aliases
Published
2025-11-24T14:40:36.275Z
Modified
2026-07-15T01:48:51.380578585Z
Severity
  • 5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N CVSS Calculator
Summary
CVE-2025-12972
Details

Fluent Bit out_file plugin does not properly sanitize tag values when deriving output file names. When the File option is omitted, the plugin uses untrusted tag input to construct file paths. This allows attackers with network access to craft tags containing path traversal sequences that cause Fluent Bit to write files outside the intended output directory.

Database specific
{
    "cna_assigner": "certcc",
    "unresolved_ranges": [
        {
            "source": "AFFECTED_FIELD",
            "extracted_events": [
                {
                    "fixed": "4.0.12"
                }
            ]
        }
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/12xxx/CVE-2025-12972.json"
}
References

Affected packages

Git / github.com/fluent/fluent-bit

Affected ranges

Type
GIT
Repo
https://github.com/fluent/fluent-bit
Events
Database specific
{
    "source": "CPE_STRING",
    "extracted_events": [
        {
            "introduced": "4.1.0"
        },
        {
            "last_affected": "4.1.0"
        }
    ],
    "cpe": "cpe:2.3:a:treasuredata:fluent_bit:4.1.0:*:*:*:*:*:*:*"
}

Affected versions

4.*
4.1.0
v4.*
v4.1.0

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-12972.json"