Your submission was sent successfully! Close

CVE-2017-12588

Published: 6 August 2017

The zmq3 input and output modules in rsyslog before 8.28.0 interpreted description fields as format strings, possibly allowing a format string attack with unspecified impact.

Priority

Medium

CVSS 3 base score: 9.8

Status

Package Release Status
rsyslog
Launchpad, Ubuntu, Debian
precise Not vulnerable
(code not compiled)
trusty Not vulnerable
(code not compiled)
upstream
Released (8.28.0-1)
xenial Not vulnerable
(code not compiled)
zesty Not vulnerable
(code not compiled)