Vulnerabilities > Rsyslog > Rsyslog > 1.2.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-05-06 | CVE-2022-24903 | Improper Validation of Specified Quantity in Input vulnerability in multiple products Rsyslog is a rocket-fast system for log processing. | 8.1 |
2019-11-14 | CVE-2011-1490 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages are logged when multiple rulesets were used and some output batches contained messages belonging to more than one ruleset. | 5.5 |
2019-11-14 | CVE-2011-1489 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages were logged when multiple rulesets were used and some output batches contained messages belonging to more than one ruleset. | 5.5 |
2019-11-14 | CVE-2011-1488 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages are logged when $RepeatedMsgReduction was enabled. | 5.5 |
2019-01-25 | CVE-2018-16881 | Integer Overflow or Wraparound vulnerability in multiple products A denial of service vulnerability was found in rsyslog in the imptcp module. | 7.5 |
2017-08-06 | CVE-2017-12588 | Use of Externally-Controlled Format String vulnerability in Rsyslog The zmq3 input and output modules in rsyslog before 8.28.0 interpreted description fields as format strings, possibly allowing a format string attack with unspecified impact. | 9.8 |