Search for packages
| purl | pkg:deb/debian/syslog-ng@3.3.5-4 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-ct3h-e6nt-hbbe
Aliases: CVE-2022-38725 |
An integer overflow in the RFC3164 parser in One Identity syslog-ng 3.0 through 3.37 allows remote attackers to cause a Denial of Service via crafted syslog input that is mishandled by the tcp or network function. syslog-ng Premium Edition 7.0.30 and syslog-ng Store Box 6.10.0 are also affected. |
Affected by 1 other vulnerability. |
|
VCID-hdcc-cab9-x3eu
Aliases: CVE-2024-47619 |
syslog-ng is an enhanced log daemo. Prior to version 4.8.2, `tls_wildcard_match()` matches on certificates such as `foo.*.bar` although that is not allowed. It is also possible to pass partial wildcards such as `foo.a*c.bar` which glib matches but should be avoided / invalidated. This issue could have an impact on TLS connections, such as in man-in-the-middle situations. Version 4.8.2 contains a fix for the issue. |
Affected by 1 other vulnerability. Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-9s6e-ubst-rude |
CVE-2011-1951
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-08-01T18:09:21.822642+00:00 | Debian Oval Importer | Affected by | VCID-ct3h-e6nt-hbbe | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 37.0.0 |
| 2025-08-01T17:04:20.422796+00:00 | Debian Oval Importer | Fixing | VCID-9s6e-ubst-rude | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 37.0.0 |
| 2025-08-01T14:02:06.953526+00:00 | Debian Oval Importer | Affected by | VCID-hdcc-cab9-x3eu | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 37.0.0 |