{"id":"CVE-2019-12303","details":"In Rancher 2 through 2.2.3, Project owners can inject additional fluentd configuration to read files or execute arbitrary commands inside the fluentd container.","aliases":["GHSA-53pj-67m4-9w98","GO-2024-2762"],"modified":"2026-04-10T04:12:01.326597Z","published":"2019-06-06T16:29:01.307Z","references":[{"type":"ADVISORY","url":"https://forums.rancher.com/t/rancher-release-v2-2-4-addresses-rancher-cve-2019-12274-and-cve-2019-12303/14466"},{"type":"ADVISORY","url":"https://forums.rancher.com/c/announcements"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/rancher/rancher","events":[{"introduced":"14c6b3e8f903814c1bb9364187fb8193e33e7a82"},{"last_affected":"b1896822e58bb42a513b664aca88ed410a5a7add"}],"database_specific":{"versions":[{"introduced":"2.0.0"},{"last_affected":"2.2.3"}]}}],"versions":["v2.0.0","v2.0.0-rc5","v2.0.1","v2.0.1-rc1","v2.0.1-rc2","v2.0.1-rc3","v2.0.1-rc4","v2.0.1-rc5","v2.0.1-rc6","v2.0.2","v2.0.2-rc1","v2.0.3","v2.0.3-rc1","v2.0.3-rc2","v2.0.3-rc3","v2.0.3-rc4","v2.0.3-rc5","v2.0.4","v2.0.4-rc1","v2.0.5","v2.0.5-rc1","v2.0.5-rc2","v2.0.5-rc3","v2.0.5-rc4","v2.0.5-rc5","v2.0.5-rc6","v2.0.6","v2.0.6-rc1","v2.0.6-rc2","v2.0.7","v2.0.7-rc1","v2.0.7-rc2","v2.0.7-rc3","v2.0.7-rc4","v2.0.7-rc5","v2.0.7-rc6","v2.0.8-rc2","v2.1.0","v2.1.0-rc1","v2.1.0-rc10","v2.1.0-rc2","v2.1.0-rc3","v2.1.0-rc4","v2.1.0-rc5","v2.1.0-rc6","v2.1.0-rc7","v2.1.0-rc8","v2.1.0-rc9","v2.2.0","v2.2.0-rc1","v2.2.0-rc10","v2.2.0-rc11","v2.2.0-rc12","v2.2.0-rc13","v2.2.0-rc14","v2.2.0-rc15","v2.2.0-rc2","v2.2.0-rc3","v2.2.0-rc4","v2.2.0-rc5","v2.2.0-rc6","v2.2.0-rc7","v2.2.0-rc8","v2.2.0-rc9","v2.2.1","v2.2.1-rc1","v2.2.2","v2.2.2-patch1-rc1","v2.2.2-patch1-rc2","v2.2.2-rc1","v2.2.2-rc10","v2.2.2-rc11","v2.2.2-rc12","v2.2.2-rc13","v2.2.2-rc14","v2.2.2-rc2","v2.2.2-rc3","v2.2.2-rc4","v2.2.2-rc5","v2.2.2-rc6","v2.2.2-rc7","v2.2.2-rc8","v2.2.2-rc9","v2.2.3"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-12303.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}