Tobias Oetiker · Rrdtool · CVE-2013-2131
**Name of the Vulnerable Software and Affected Versions**
rrdtool version 1.4.7
**Description**
The rrdtool module for Python, as used in Zenoss, contains a format string vulnerability. Context-dependent attackers can cause a denial of service (crash) by passing format string specifiers to the `rrdtool.graph` function.
**Recommendations**
For rrdtool version 1.4.7, consider restricting access to the `rrdtool.graph` function until a patch is available, to prevent potential denial of service attacks. As a temporary workaround, avoid passing format string specifiers to the `rrdtool.graph` function to minimize the risk of exploitation.
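One way to apply the workaround in calling code, shown as an added example that is not part of the original advisory or of rrdtool itself: screen every caller-supplied string for printf-style conversion specifiers before it is placed in the `rrdtool.graph` argument list. The function names and the DEF/LINE statements are constructed for illustration, and the check is meant only for untrusted values, because rrdtool's own GPRINT directives use `%` by design.

```python
import re

# printf-style conversion: %[flags][width][.precision][length]type, or a literal %%.
_PRINTF_SPEC = re.compile(
    r"%(?:%|[-+ #0]*(?:\d+|\*)?(?:\.(?:\d+|\*)?)?(?:hh|h|ll|l|L|j|z|t)?"
    r"[diouxXeEfFgGaAcspn])"
)


def find_format_specifiers(value):
    """Return the printf conversion specifiers in value, ignoring literal %%."""
    return [m.group(0) for m in _PRINTF_SPEC.finditer(value) if m.group(0) != "%%"]


def build_graph_args(image_path, title, vertical_label):
    """Build an argument list for rrdtool.graph from untrusted label text.

    Raises ValueError when a caller-supplied string carries a conversion
    specifier, so the string never reaches the binding.
    """
    untrusted = {
        "image_path": image_path,
        "title": title,
        "vertical_label": vertical_label,
    }
    for field, value in untrusted.items():
        found = find_format_specifiers(value)
        if found:
            raise ValueError("%s contains format specifiers: %r" % (field, found))
    return [
        image_path,
        "--title", title,
        "--vertical-label", vertical_label,
        # Constructed data-source and line definitions, fixed by the application.
        "DEF:in=traffic.rrd:in:AVERAGE",
        "LINE1:in#0000FF:Inbound",
    ]


# Intended call site (not executed here, so the example runs without rrdtool):
#   rrdtool.graph(*build_graph_args("traffic.png", user_title, user_label))
```

Note that ordinary text such as `50% of disk` is rejected, because `% o` is a valid conversion (space flag, octal type); a literal percent sign has to arrive as `%%` or be refused.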