AZL-11396

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-11396.json

JSON Data

https://api.osv.dev/v1/vulns/AZL-11396

Upstream

CVE-2022-39379

Published

2022-11-02T13:15:13Z

Modified

2026-04-21T04:22:06.080405Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

CVE-2022-39379 affecting package rubygem-fluentd for versions less than 1.14.6-2

Details

Fluentd collects events from various data sources and writes them to files, RDBMS, NoSQL, IaaS, SaaS, Hadoop and so on. A remote code execution (RCE) vulnerability in non-default configurations of Fluentd allows unauthenticated attackers to execute arbitrary code via specially crafted JSON payloads. Fluentd setups are only affected if the environment variable FLUENT_OJ_OPTION_MODE is explicitly set to object. Please note: The option FLUENTOJOPTION_MODE was introduced in Fluentd version 1.13.2. Earlier versions of Fluentd are not affected by this vulnerability. This issue was patched in version 1.15.3. As a workaround do not use FLUENT_OJ_OPTION_MODE=object.

References

https://nvd.nist.gov/vuln/detail/CVE-2022-39379

Affected packages

Azure Linux:2 / rubygem-fluentd

Package

Name: rubygem-fluentd
Purl: pkg:rpm/azure-linux/rubygem-fluentd

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.14.6-2

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-11396.json"