PT-2022-24940 · Fluentd · Fluentd

Ashie · Published 2022-11-02 · Updated 2025-09-19 · CVE-2022-39379

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions

Fluentd versions 1.13.2 through 1.15.2

Description

A remote code execution vulnerability in non-default configurations of Fluentd allows unauthenticated attackers to execute arbitrary code via specially crafted JSON payloads. This issue affects Fluentd setups where the environment variable FLUENT_OJ_OPTION_MODE is explicitly set to object. The option FLUENT_OJ_OPTION_MODE was introduced in Fluentd version 1.13.2, and earlier versions are not affected.

Recommendations

For Fluentd versions 1.13.2 through 1.15.2, update to version 1.15.3 to resolve the issue. As a temporary workaround for affected versions, do not use FLUENT_OJ_OPTION_MODE=object.
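
The exposure condition above (affected version together with FLUENT_OJ_OPTION_MODE=object) can be checked per host. The following is an added example, not code from this advisory or from the Fluentd project; the function names are hypothetical, and it assumes the environment is available as a NUL-separated block such as Linux's /proc/<pid>/environ.

```ruby
require "rubygems" # provides Gem::Version for correct version ordering

# Affected range as stated in the advisory (fixed in 1.15.3).
FIRST_AFFECTED = Gem::Version.new("1.13.2")
LAST_AFFECTED  = Gem::Version.new("1.15.2")
RISKY_VAR      = "FLUENT_OJ_OPTION_MODE"

# Parse a NUL-separated environment block into a Hash.
# Values may themselves contain "=", so split only on the first one.
def parse_environ(blob)
  blob.split("\0").reject(&:empty?).to_h do |entry|
    key, value = entry.split("=", 2)
    [key, value.to_s]
  end
end

# Classify one Fluentd instance from its version string and environment.
def assess(version, env)
  v = Gem::Version.new(version)
  in_range    = v >= FIRST_AFFECTED && v <= LAST_AFFECTED
  object_mode = env[RISKY_VAR] == "object"
  if in_range && object_mode
    :vulnerable                          # upgrade or unset the variable now
  elsif object_mode
    :object_mode_outside_affected_range  # risky setting, version not in range
  elsif in_range
    :affected_version_safe_mode          # not exposed today; still upgrade
  else
    :not_affected
  end
end

# Constructed sample environment block, not captured from a real host.
SAMPLE_ENVIRON = ["PATH=/usr/bin", "FLUENT_OJ_OPTION_MODE=object", "LANG=C"].join("\0")

if __FILE__ == $PROGRAM_NAME
  env = parse_environ(SAMPLE_ENVIRON)
  %w[1.13.1 1.13.2 1.15.2 1.15.3].each do |ver|
    puts "#{ver}: #{assess(ver, env)}"
  end
end
```

An instance reported as affected_version_safe_mode becomes exploitable as soon as someone sets the variable, so it still belongs on the upgrade list.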

Exploit

Fix

Weakness Enumeration

Deserialization of Untrusted Data

Related Identifiers

AZL-11396
BIT-FLUENTD-2022-39379
CVE-2022-39379
GHSA-FPPQ-MJ76-FPJ2
OESA-2025-2320
OESA-2025-2321

Affected Products

Fluentd