CVE-2025-12972 — Path Traversal in Fluent Bit
Severity: 5.3 MEDIUM (NVD)
EPSS: 0.1% (top 71.02%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Nov 24; latest update Dec 1
Description
Fluent Bit out_file plugin does not properly sanitize tag values when deriving output file names. When the File option is omitted, the plugin uses untrusted tag input to construct file paths. This allows attackers with network access to craft tags containing path traversal sequences that cause Fluent Bit to write files outside the intended output directory.
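The weakness described above is an output file name derived from an untrusted tag. The following check is an added example, not Fluent Bit's own code or its actual fix: it allow-lists the characters a tag may contain before it is joined to the output directory, so a tag carrying path separators or `..` components is rejected rather than written. The allow-list policy and the function names are assumptions for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <ctype.h>

/* Assumed policy: a tag-derived file name may contain only letters, digits,
 * '.', '_' and '-'. No '/' or '\\', so no directory component can be formed. */
static int safe_tag_char(unsigned char c)
{
    return isalnum(c) || c == '.' || c == '_' || c == '-';
}

/* Validate a tag for use as a single file name component.
 * Returns 1 if safe, 0 otherwise: rejects NULL/empty tags, over-long tags,
 * the special names "." and "..", and any character outside the allow-list. */
int tag_is_safe_filename(const char *tag)
{
    size_t i, n;
    if (tag == NULL) return 0;
    n = strlen(tag);
    if (n == 0 || n > 255) return 0;
    if (strcmp(tag, ".") == 0 || strcmp(tag, "..") == 0) return 0;
    for (i = 0; i < n; i++) {
        if (!safe_tag_char((unsigned char)tag[i])) return 0;
    }
    return 1;
}

/* Build "<out_dir>/<tag>" into buf only when the tag passes validation.
 * Returns 0 on success, -1 if the tag is rejected or buf is too small. */
int build_output_path(const char *out_dir, const char *tag, char *buf, size_t buflen)
{
    int written;
    if (!tag_is_safe_filename(tag)) return -1;
    written = snprintf(buf, buflen, "%s/%s", out_dir, tag);
    if (written < 0 || (size_t)written >= buflen) return -1;
    return 0;
}

int main(void)
{
    /* Constructed sample tags: one ordinary tag and two traversal attempts. */
    const char *tags[] = { "app.access", "../../outside/file", "..\\..\\outside" };
    char path[512];
    for (size_t i = 0; i < 3; i++) {
        if (build_output_path("/var/log/fluent-bit", tags[i], path, sizeof path) == 0)
            printf("accepted: %s\n", path);
        else
            printf("rejected tag: %s\n", tags[i]);
    }
    return 0;
}
```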
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Exploitability: 3.9 | Impact: 1.4
Affected Packages: 5 packages
Vulnerability Details
GHSA (1)
GHSA-mjmc-4hm9-g39m: Fluent Bit out_file plugin does not properly sanitize tag values when deriving output file names (2025-11-24)