FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-11-19 19:12:13 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
8e0e86ff-48b5-11e4-ab80-000c29f6ae42rsyslog -- remote syslog PRI vulnerability

The rsyslog project reports:

potential abort when a message with PRI > 191 was processed if the "pri-text" property was used in active templates, this could be abused to a remote denial of service from permitted senders

The original fix for CVE-2014-3634 was not adequate.


Discovery 2014-09-30
Entry 2014-09-30
Modified 2014-10-02
rsyslog
< 7.6.7

rsyslog8
< 8.4.2

http://www.rsyslog.com/remote-syslog-pri-vulnerability/
CVE-2014-3634
b9837fa1-cd72-11ec-98f1-6805ca0b3d42rsyslog8 -- heap buffer overflow on receiving TCP syslog

Rainer Gerhards reports:

Modules for TCP syslog reception have a heap buffer overflow when octet-counted framing is used. The attacker can corrupt heap values, leading to data integrity issues and availability impact. Remote code execution is unlikely to happen but not impossible..


Discovery 2022-05-05
Entry 2022-05-06
rsyslog
< 8.2204.1

CVE-2022-24903
https://github.com/rsyslog/rsyslog/security/advisories/GHSA-ggw7-xr6h-mmr8