CVE-2025-10158

Опубликовано: 18 нояб. 2025

Источник: nvd

CVSS3: 4.3

EPSS Низкий

Описание

A malicious client acting as the receiver of an rsync file transfer can trigger an out of bounds read of a heap based buffer, via a negative array index. The

malicious

rsync client requires at least read access to the remote rsync module in order to trigger the issue.

Ссылки

EPSS

Процентиль: 20%

0.00065

Низкий

4.3 Medium

CVSS3

Дефекты

CWE-129

Связанные уязвимости

CVE-2025-10158

CVSS3: 4.3

ubuntu

5 месяцев назад

A malicious client acting as the receiver of an rsync file transfer can trigger an out of bounds read of a heap based buffer, via a negative array index. The malicious rsync client requires at least read access to the remote rsync module in order to trigger the issue.

CVE-2025-10158

CVSS3: 4.3

redhat

5 месяцев назад

CVE-2025-10158

CVSS3: 5.4

msrc

5 месяцев назад

Rsync: Out of bounds array access via negative index

CVE-2025-10158

CVSS3: 4.3

debian

5 месяцев назад

A malicious client acting as the receiver of an rsync file transfer ca ...

SUSE-SU-2026:0005-1

suse-cvrf

3 месяца назад

Security update for rsync

EPSS

Процентиль: 20%

0.00065

Низкий

4.3 Medium

CVSS3

Дефекты

CWE-129