Tanne v0.6.17 contains a remote format string vulnerability in logger() which can lead to arbitrary code execution as root. for Linux/x86 which has been tested against Redhat 6.1, 7.0, and 8.0. Tanne is a secure http session management tool sometimes used in online banking.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/30724/tanne.0.6.17.txt
Source: https://packetstormsecurity.com/files/30724/tanne.0.6.17.txt.html