6 matches found
Fedora 37 : golang-github-docker / golang-github-graylog2-gelf (2023-6b9e2a6534)
The remote Fedora 37 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2023-6b9e2a6534 advisory. golang-github-graylog2-gelf-2.0.0-5.20201111git1550ee6.fc37 was not in F37 because was override with...
CBL Mariner 2.0 Security Update: rubygem-fluentd (CVE-2022-39379)
The version of rubygem-fluentd installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-39379 advisory. - Fluentd collects events from various data sources and writes them to files, RDBMS, NoSQL, IaaS, Saa...
Fedora: Security Advisory for golang-github-docker (FEDORA-2023-6b9e2a6534)
The remote host is missing an update for the Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2022-39379 affecting package rubygem-fluentd for versions less than 1.14.6-2
CVE-2022-39379 affecting package rubygem-fluentd for versions less than 1.14.6-2. A patched version of the package is available...
CVE-2022-39379
CVE-2022-39379 affects Fluentd when FLUENT_OJ_OPTION_MODE is set to object in non-default configurations. The vulnerability allows unauthenticated RCE via crafted JSON payloads; affected versions are those where FLUENT_OJ_OPTION_MODE was introduced in Fluentd 1.13.2 and prior to the patch. It was...
CVE-2022-39379 Fluentd vulnerable to remote code execution due to insecure deserialization (in non-default configuration)
Fluentd collects events from various data sources and writes them to files, RDBMS, NoSQL, IaaS, SaaS, Hadoop and so on. A remote code execution RCE vulnerability in non-default configurations of Fluentd allows unauthenticated attackers to execute arbitrary code via specially crafted JSON payloads...