What is the severity of CVE-2022-39379?

CVE-2022-39379 is classified as a critical severity vulnerability due to its potential for remote code execution.

How do I fix CVE-2022-39379?

To fix CVE-2022-39379, it is recommended to upgrade Fluentd to versions 1.15.4 or later and ensure default configurations are used.

Who is affected by CVE-2022-39379?

CVE-2022-39379 affects Fluentd versions from 1.13.2 to 1.15.3 and Fedora version 37.

What configurations are at risk with CVE-2022-39379?

Non-default configurations of Fluentd are at risk with CVE-2022-39379, potentially exposing systems to attacks.

Vulnerability/
CVE-2022-39379

critical

9.8

CWE

502

2/11/2022

23/4/2025

CVE-2022-39379: Fluentd vulnerable to remote code execution due to insecure deserialization (in non-default configuration)

Q: Can CVE-2022-39379 allow unauthorized access to my system?

Yes, CVE-2022-39379 allows unauthenticated attackers to execute arbitrary code on affected systems.

First published: Wed Nov 02 2022(Updated: )

Fluentd collects events from various data sources and writes them to files, RDBMS, NoSQL, IaaS, SaaS, Hadoop and so on. A remote code execution (RCE) vulnerability in non-default configurations of Fluentd allows unauthenticated attackers to execute arbitrary code via specially crafted JSON payloads. Fluentd setups are only affected if the environment variable `FLUENT_OJ_OPTION_MODE` is explicitly set to `object`. Please note: The option FLUENT_OJ_OPTION_MODE was introduced in Fluentd version 1.13.2. Earlier versions of Fluentd are not affected by this vulnerability. This issue was patched in version 1.15.3. As a workaround do not use `FLUENT_OJ_OPTION_MODE=object`.

Credit: security-advisories@github.com

Affected Software	Affected Version	How to fix
Cogent Datahub	>=1.13.2<1.15.3
Red Hat Fedora	=37

Remedy

https://github.com/fluent/fluentd/commit/48e5b85dab1b6d4c273090d538fc11b3f2fd8135

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2022-39379?
CVE-2022-39379 is classified as a critical severity vulnerability due to its potential for remote code execution.
How do I fix CVE-2022-39379?
To fix CVE-2022-39379, it is recommended to upgrade Fluentd to versions 1.15.4 or later and ensure default configurations are used.
Who is affected by CVE-2022-39379?
CVE-2022-39379 affects Fluentd versions from 1.13.2 to 1.15.3 and Fedora version 37.
Can CVE-2022-39379 allow unauthorized access to my system?
Yes, CVE-2022-39379 allows unauthenticated attackers to execute arbitrary code on affected systems.
What configurations are at risk with CVE-2022-39379?
Non-default configurations of Fluentd are at risk with CVE-2022-39379, potentially exposing systems to attacks.

agent/type
collector/mitre-cve
source/MITRE
agent/weakness
agent/remedy
agent/last-modified-date
agent/author
agent/references
agent/title
agent/severity
agent/description
agent/first-publish-date
agent/event
agent/source
agent/tags
agent/softwarecombine
collector/nvd-index
agent/software-canonical-lookup-request
vendor/fluentd
canonical/cogent datahub
version/cogent datahub/1.13.2
vendor/fedoraproject
canonical/red hat fedora
version/red hat fedora/37

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.