CVE-2017-12588

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2017-12588
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-12588.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2017-12588
Downstream
Published
2017-08-06T14:29:00.227Z
Modified
2025-11-20T10:36:48.723304Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

The zmq3 input and output modules in rsyslog before 8.28.0 interpreted description fields as format strings, possibly allowing a format string attack with unspecified impact.

References

Affected packages

Git / github.com/rsyslog/rsyslog

Affected ranges

Type
GIT
Repo
https://github.com/rsyslog/rsyslog
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
062d0c671a29f7c6f7dff4a2f1f35df375bbb30b

Affected versions

Other

Branchpoint_Stable_1-0
sysklogd-141-import
v0-9-1
v0-9-3
v0-9-4
v0-9-6
v0-9-7
v0-9-8
v1-10-0
v1-10-1
v1-10-2
v1-11-0
v1-11-1
v1-12-0
v1-12-1
v1-12-2
v1-12-3
v1-13-0
v1-13-1
v1-13-2
v1-13-3
v1-13-4
v1-13-5
v1-14-0
v1-14-1
v1-14-2
v1-15-0
v1-15-1
v1-16-0
v1-17-0
v1-17-1
v1-17-2
v1-17-3
v1-17-4
v1-17-5
v1-17-6
v1-18-0
v1-18-1
v1-18-2
v1-19-0
v1-19-1
v1-19-10
v1-19-2
v1-19-3
v1-19-4
v1-19-5
v1-19-6
v1-19-6b
v1-19-7
v1-19-9
v1-20-0
v1-20-1
v1-21-0
v1-21-1
v1-21-2
v2-0-0
v2-0-1
v2-0-2
v2-0-3
v2-0-4
v3-10-0
v3-10-1
v3-10-1a
v3-10-2
v3-10-2a
v3-10-3
v3-11-0
v3-11-1
v3-11-2
v3-11-3
v3-11-4
v3-11-5
v3-11-6
v3-12-0
v3-12-1
v3-12-2
v3-12-3
v3-12-4
v3-12-5
v3-13-0-dev0
v3-14-1
v3-15-0

temp.*

temp.4.6.1.10

v2.*

v2.0.5
v2.0.6
v2.0.7

v3.*

v3.14.2
v3.15.1
v3.16.0
v3.16.1
v3.16.2
v3.17.0
v3.17.1
v3.17.2
v3.17.3
v3.17.4
v3.17.5
v3.18.0
v3.18.1
v3.18.2
v3.18.3
v3.18.4
v3.18.5
v3.18.6
v3.19.0
v3.19.1
v3.19.10
v3.19.11
v3.19.12
v3.19.2
v3.19.3
v3.19.4
v3.19.5
v3.19.6
v3.19.7
v3.19.8
v3.19.9
v3.20.0
v3.20.1
v3.20.2
v3.20.3
v3.20.4
v3.20.5
v3.20.6
v3.21.0
v3.21.1
v3.21.10
v3.21.11
v3.21.2
v3.21.3
v3.21.4
v3.21.5
v3.21.6
v3.21.7
v3.21.8
v3.21.9
v3.22.0
v3.22.1
v3.22.2
v3.22.3

v4.*

v4.1.0
v4.1.1
v4.1.2
v4.1.3
v4.1.4
v4.1.5
v4.1.6
v4.1.7
v4.2.0
v4.3.0
v4.3.1
v4.3.2
v4.4.0
v4.4.1
v4.4.2
v4.5.0
v4.5.1
v4.5.2
v4.5.3
v4.5.4
v4.5.5
v4.5.6
v4.5.7
v4.5.8
v4.6.0
v4.6.1
v4.6.2
v4.6.3
v4.6.4
v4.6.5
v4.6.6
v4.6.7
v4.6.8
v4.7.0
v4.7.1
v4.7.2
v4.7.3
v4.7.4
v4.7.5
v4.8.0

v5.*

v5.1.0
v5.1.1
v5.1.2
v5.1.3
v5.1.4
v5.1.5
v5.1.6
v5.10.0
v5.10.1
v5.2.0
v5.3.0
v5.3.1
v5.3.2
v5.3.3
v5.3.4
v5.3.5
v5.3.6
v5.3.7
v5.4.0
v5.5.0
v5.5.1
v5.5.2
v5.5.3
v5.5.4
v5.5.5
v5.5.6
v5.5.7
v5.6.0
v5.6.1
v5.6.2
v5.6.3
v5.6.4
v5.6.5
v5.7.0
v5.7.1
v5.7.10
v5.7.2
v5.7.3
v5.7.4
v5.7.5
v5.7.6
v5.7.7
v5.7.8
v5.7.9
v5.8.0
v5.8.1
v5.8.10
v5.8.11
v5.8.12
v5.8.13
v5.8.2
v5.8.3
v5.8.4
v5.8.5
v5.8.6
v5.8.7
v5.8.8
v5.8.9
v5.9.0
v5.9.1
v5.9.2
v5.9.3
v5.9.4
v5.9.5
v5.9.6
v5.9.7

v6.*

v6.1.0
v6.1.1
v6.1.10
v6.1.11
v6.1.12
v6.1.2
v6.1.3
v6.1.4
v6.1.5
v6.1.6
v6.1.7
v6.1.8
v6.1.9
v6.2.0
v6.2.1
v6.2.2
v6.2.2.with.unreleased.fixes
v6.3.0
v6.3.1
v6.3.10
v6.3.11
v6.3.12
v6.3.2
v6.3.3
v6.3.4
v6.3.5
v6.3.6
v6.3.7
v6.3.8
v6.3.9
v6.4.0
v6.4.1
v6.4.2
v6.4.3.unfinished
v6.5.0
v6.5.1
v6.6.0

v7.*

v7.1.0
v7.1.1
v7.1.10
v7.1.11
v7.1.12
v7.1.2
v7.1.3
v7.1.4
v7.1.5
v7.1.6
v7.1.7
v7.1.8
v7.1.9
v7.2.0
v7.2.1
v7.2.2
v7.2.3
v7.2.4
v7.2.5
v7.2.6
v7.2.7
v7.3.0
v7.3.1
v7.3.10
v7.3.11
v7.3.12
v7.3.13
v7.3.14
v7.3.15
v7.3.2
v7.3.3
v7.3.4
v7.3.5
v7.3.6
v7.3.7
v7.3.8
v7.3.9
v7.4.0
v7.4.1
v7.4.10
v7.4.2
v7.4.3
v7.4.4
v7.4.5
v7.4.6
v7.4.7
v7.4.8
v7.4.9
v7.5.0
v7.5.1
v7.5.2
v7.5.3
v7.5.4
v7.5.5
v7.5.6
v7.5.7
v7.5.8
v7.6.0
v7.6.1
v7.6.2
v7.6.3
v7.6.4
v7.6.5
v7.6.6
v7.6.7

v8.*

v8.1.0
v8.1.1
v8.1.2
v8.1.3
v8.1.4
v8.1.5
v8.1.6
v8.10.0
v8.11.0
v8.12.0
v8.13.0
v8.14.0
v8.15.0
v8.16.0
v8.17.0
v8.18.0
v8.19.0
v8.2.0
v8.2.1
v8.2.2
v8.20.0
v8.21.0
v8.22.0
v8.23.0
v8.24.0
v8.25.0
v8.26.0
v8.27.0
v8.3.0
v8.3.1
v8.3.2
v8.3.3
v8.3.4
v8.3.5
v8.4.0
v8.4.1
v8.4.2
v8.5.0
v8.6.0
v8.7.0
v8.8.0
v8.9.0

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-12588.json"