CVE-2025-12972 | FluentBit 4.1.0 out_file path traversal

November 24, 2025 Yanac

A vulnerability was found in FluentBit 4.1.0. It has been declared as critical. Affected by this vulnerability is the function out_file of the component out_file. Executing manipulation can lead to path traversal: ‘…/…//’.

This vulnerability appears as CVE-2025-12972. The attack may be performed from remote. There is no available exploit.VulDB Recent EntriesRead More

CVE-2025-12977 | FluentBit 4.1.0 in_http/in_splunk/in_elasticsearch tag_key improper validation of specified type of input
CVE-2025-12970 | FluentBit 4.1.0 in_docker extract_name stack-based overflow