VulnerableCode Package Details - pkg:deb/debian/syslog-ng@3.8.1-10

Search for packages

Vulnerability	Summary	Fixed by
VCID-1xzy-xag3-5ybt Aliases: CVE-2024-47619	syslog-ng is an enhanced log daemo. Prior to version 4.8.2, `tls_wildcard_match()` matches on certificates such as `foo..bar` although that is not allowed. It is also possible to pass partial wildcards such as `foo.ac.bar` which glib matches but should be avoided / invalidated. This issue could have an impact on TLS connections, such as in man-in-the-middle situations. Version 4.8.2 contains a fix for the issue.	3.38.1-5+deb12u1 Affected by 0 other vulnerabilities.
VCID-d3hk-n3x4-dfb6 Aliases: CVE-2022-38725	A denial of service vulnerability was discovered in rsyslog related to syslog input over the network.	3.28.1-2+deb11u1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}

Vulnerability

Summary

Fixed by

VCID-1xzy-xag3-5ybt
Aliases:
CVE-2024-47619

syslog-ng is an enhanced log daemo. Prior to version 4.8.2, `tls_wildcard_match()` matches on certificates such as `foo.*.bar` although that is not allowed. It is also possible to pass partial wildcards such as `foo.a*c.bar` which glib matches but should be avoided / invalidated. This issue could have an impact on TLS connections, such as in man-in-the-middle situations. Version 4.8.2 contains a fix for the issue.

3.38.1-5+deb12u1
Affected by 0 other vulnerabilities.

VCID-d3hk-n3x4-dfb6
Aliases:
CVE-2022-38725

A denial of service vulnerability was discovered in rsyslog related to syslog input over the network.

3.28.1-2+deb11u1
Affected by 1 other vulnerability.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-15T22:39:51.692297+00:00	Debian Oval Importer	Affected by	VCID-d3hk-n3x4-dfb6	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T17:49:17.501567+00:00	Debian Oval Importer	Affected by	VCID-1xzy-xag3-5ybt	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-11T22:16:34.895345+00:00	Debian Oval Importer	Affected by	VCID-d3hk-n3x4-dfb6	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T17:35:10.629317+00:00	Debian Oval Importer	Affected by	VCID-1xzy-xag3-5ybt	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-08T21:52:50.126469+00:00	Debian Oval Importer	Affected by	VCID-d3hk-n3x4-dfb6	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T17:22:54.328168+00:00	Debian Oval Importer	Affected by	VCID-1xzy-xag3-5ybt	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0