VulnerableCode Package Details - pkg:deb/debian/syslog-ng@3.3.5-4

Search for packages

Vulnerability	Summary	Fixed by
VCID-1xzy-xag3-5ybt Aliases: CVE-2024-47619	syslog-ng is an enhanced log daemo. Prior to version 4.8.2, `tls_wildcard_match()` matches on certificates such as `foo..bar` although that is not allowed. It is also possible to pass partial wildcards such as `foo.ac.bar` which glib matches but should be avoided / invalidated. This issue could have an impact on TLS connections, such as in man-in-the-middle situations. Version 4.8.2 contains a fix for the issue.	3.38.1-5+deb12u1 Affected by 0 other vulnerabilities.
VCID-d3hk-n3x4-dfb6 Aliases: CVE-2022-38725	A denial of service vulnerability was discovered in rsyslog related to syslog input over the network.	3.28.1-2+deb11u1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}

Vulnerability

Summary

Fixed by

VCID-1xzy-xag3-5ybt
Aliases:
CVE-2024-47619

syslog-ng is an enhanced log daemo. Prior to version 4.8.2, `tls_wildcard_match()` matches on certificates such as `foo.*.bar` although that is not allowed. It is also possible to pass partial wildcards such as `foo.a*c.bar` which glib matches but should be avoided / invalidated. This issue could have an impact on TLS connections, such as in man-in-the-middle situations. Version 4.8.2 contains a fix for the issue.

3.38.1-5+deb12u1
Affected by 0 other vulnerabilities.

VCID-d3hk-n3x4-dfb6
Aliases:
CVE-2022-38725

A denial of service vulnerability was discovered in rsyslog related to syslog input over the network.

3.28.1-2+deb11u1
Affected by 1 other vulnerability.

Vulnerability	Summary	Aliases
VCID-1gf1-xw2a-dqgq	This GLSA contains notification of vulnerabilities found in several Gentoo packages which have been fixed prior to January 1, 2012. The worst of these vulnerabilities could lead to local privilege escalation and remote code execution. Please see the package list and CVE identifiers below for more information.	CVE-2011-1951

Vulnerability

Summary

Aliases

VCID-1gf1-xw2a-dqgq

This GLSA contains notification of vulnerabilities found in several Gentoo packages which have been fixed prior to January 1, 2012. The worst of these vulnerabilities could lead to local privilege escalation and remote code execution. Please see the package list and CVE identifiers below for more information.

CVE-2011-1951

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-15T22:39:51.682082+00:00	Debian Oval Importer	Affected by	VCID-d3hk-n3x4-dfb6	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T21:22:58.721715+00:00	Debian Oval Importer	Fixing	VCID-1gf1-xw2a-dqgq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T17:49:17.490726+00:00	Debian Oval Importer	Affected by	VCID-1xzy-xag3-5ybt	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-11T22:16:34.883704+00:00	Debian Oval Importer	Affected by	VCID-d3hk-n3x4-dfb6	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T21:02:27.443312+00:00	Debian Oval Importer	Fixing	VCID-1gf1-xw2a-dqgq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T17:35:10.617543+00:00	Debian Oval Importer	Affected by	VCID-1xzy-xag3-5ybt	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-08T21:52:50.113916+00:00	Debian Oval Importer	Affected by	VCID-d3hk-n3x4-dfb6	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T20:41:43.120569+00:00	Debian Oval Importer	Fixing	VCID-1gf1-xw2a-dqgq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T17:22:54.312262+00:00	Debian Oval Importer	Affected by	VCID-1xzy-xag3-5ybt	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0