Описание
The zmq3 input and output modules in rsyslog before 8.28.0 interpreted description fields as format strings, possibly allowing a format string attack with unspecified impact.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | code not compiled |
| esm-infra-legacy/trusty | not-affected | code not compiled |
| esm-infra/xenial | not-affected | code not compiled |
| precise/esm | not-affected | code not compiled |
| trusty | not-affected | code not compiled |
| trusty/esm | not-affected | code not compiled |
| upstream | released | 8.28.0-1 |
| vivid/ubuntu-core | not-affected | code not compiled |
| xenial | not-affected | code not compiled |
| zesty | not-affected | code not compiled |
Показывать по
EPSS
7.5 High
CVSS2
9.8 Critical
CVSS3
Связанные уязвимости
The zmq3 input and output modules in rsyslog before 8.28.0 interpreted description fields as format strings, possibly allowing a format string attack with unspecified impact.
The zmq3 input and output modules in rsyslog before 8.28.0 interpreted description fields as format strings, possibly allowing a format string attack with unspecified impact.
The zmq3 input and output modules in rsyslog before 8.28.0 interpreted ...
The zmq3 input and output modules in rsyslog before 8.28.0 interpreted description fields as format strings, possibly allowing a format string attack with unspecified impact.
Уязвимость модулей ввода/вывода программной утилиты для обработки логов Rsyslog, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
EPSS
7.5 High
CVSS2
9.8 Critical
CVSS3