rsyslog (SUSE:Linux Enterprise Module for Basesystem 15) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Module for Basesystem 15 package rsyslog, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (3)
CVE-2019-17041 — CVSS 9.8 (critical): An issue was discovered in Rsyslog v8.1908.0. contrib/pmaixforwardedfrom/pmaixforwardedfrom.c has a heap overflow in the parser for AIX log…
CVE-2019-17042 — CVSS 9.8 (critical): An issue was discovered in Rsyslog v8.1908.0. contrib/pmcisconames/pmcisconames.c has a heap overflow in the parser for Cisco log messages…
CVE-2015-3243 — CVSS 5.5 (medium): rsyslog uses weak permissions for generating log files, which allows local users to obtain sensitive information by reading files in…