pkg:Debian/rsyslog
23 total CVEsCRITICAL6HIGH4MEDIUM4
✅ Check your installed version
All known vulnerabilities
- from 0, < 8.1910.0-1
- from 0, < 8.24.0-1+deb9u1
- from 0, < 8.4.2-1+deb8u3
- from 0, < 8.1910.0-1
- CRITICAL9.8CVE-2019-17040contrib/pmdb2diag/pmdb2diag.c in Rsyslog v8.1908.0 allows out-of-bounds access because the level length is mishandled.from 0, < 8.1910.0-1
- CRITICAL9.8CVE-2017-12588The zmq3 input and output modules in rsyslog before 8.28.0 interpreted description fields as format strings, possibly allowing a format str…from 0, < 8.28.0-1
- from 0, < 8.2102.0-2+deb11u1
- from 0, < 8.1901.0-1+deb10u2
- from 0, < 8.27.0-2
- from 0, < 8.24.0-1+deb9u2
- MEDIUM5.5CVE-2011-1490A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages are logged when multiple rulesets were used and so…from 0, < 5.7.6-1
- MEDIUM5.5CVE-2011-1489A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages were logged when multiple rulesets were used and s…from 0, < 5.7.6-1
- MEDIUM5.5CVE-2011-1488A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages are logged when $RepeatedMsgReduction was enabled.from 0, < 5.7.6-1
- MEDIUM5.5CVE-2015-3243rsyslog uses weak permissions for generating log files, which allows local users to obtain sensitive information by reading files in /var/l…from 0
- from 0, < 8.4.2-1
- from 0, < 5.8.11-3+deb7u2
- from 0, < 5.8.11-3+deb7u1
- from 0, < 8.4.1-1
- from 0, < 4.6.4-2+deb6u1
- —CVE-2011-4623Integer overflow in the rsCStrExtendBuf function in runtime/stringbuf.c in the imfile module in rsyslog 4.x before 4.6.6, 5.x before 5.7.4,…from 0, < 5.7.4-1
- —CVE-2011-3200Stack-based buffer overflow in the parseLegacySyslogMsg function in tools/syslogd.c in rsyslogd in rsyslog 4.6.x before 4.6.8 and 5.2.0 thr…from 0, < 5.8.5-1
- —CVE-2008-5618imudp in rsyslog 4.x before 4.1.2, 3.21 before 3.21.9 beta, and 3.20 before 3.20.2 generates a message even when it is sent by an unauthori…from 0, < 3.18.6-1
- —CVE-2008-5617The ACL handling in rsyslog 3.12.1 to 3.20.0, 4.1.0, and 4.1.1 does not follow $AllowedSender directive, which allows remote attackers to b…from 0, < 3.18.6-1