Количество 31
Количество 31
CVE-2024-12088
A flaw was found in rsync. When using the `--safe-links` option, the rsync client fails to properly verify if a symbolic link destination sent from the server contains another symbolic link within it. This results in a path traversal vulnerability, which may lead to arbitrary file write outside the desired directory.
CVE-2024-12088
A flaw was found in rsync. When using the `--safe-links` option, the rsync client fails to properly verify if a symbolic link destination sent from the server contains another symbolic link within it. This results in a path traversal vulnerability, which may lead to arbitrary file write outside the desired directory.
CVE-2024-12088
A flaw was found in rsync. When using the `--safe-links` option, the rsync client fails to properly verify if a symbolic link destination sent from the server contains another symbolic link within it. This results in a path traversal vulnerability, which may lead to arbitrary file write outside the desired directory.
CVE-2024-12088
CVE-2024-12088
A flaw was found in rsync. When using the `--safe-links` option, the r ...
SUSE-SU-2025:1330-1
Security update for rsync
SUSE-SU-2025:0991-1
Security update for rsync
GHSA-gp7r-m4cc-qhwq
A flaw was found in rsync. This vulnerability arises from a race condition during rsync's handling of symbolic links. Rsync's default behavior when encountering symbolic links is to skip them. If an attacker replaced a regular file with a symbolic link at the right time, it was possible to bypass the default behavior and traverse symbolic links. Depending on the privileges of the rsync process, an attacker could leak sensitive information, potentially leading to privilege escalation.
GHSA-ffph-g3pc-8r3g
A flaw was found in rsync. When using the `--safe-links` option, rsync fails to properly verify if a symbolic link destination contains another symbolic link within it. This results in a path traversal vulnerability, which may lead to arbitrary file write outside the desired directory.
BDU:2025-00373
Уязвимость конфигурации -safe-links демона rsyncd утилиты для передачи и синхронизации файлов Rsync, позволяющая нарушителю записывать произвольные файлы
BDU:2025-00372
Уязвимость утилиты для передачи и синхронизации файлов Rsync, связанная с ошибками синхронизации при использовании общего ресурса, позволяющая нарушителю повысить свои привилегии
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-12088 A flaw was found in rsync. When using the `--safe-links` option, the rsync client fails to properly verify if a symbolic link destination sent from the server contains another symbolic link within it. This results in a path traversal vulnerability, which may lead to arbitrary file write outside the desired directory. | CVSS3: 6.5 | 2% Низкий | 10 месяцев назад |
 | CVE-2024-12088 A flaw was found in rsync. When using the `--safe-links` option, the rsync client fails to properly verify if a symbolic link destination sent from the server contains another symbolic link within it. This results in a path traversal vulnerability, which may lead to arbitrary file write outside the desired directory. | CVSS3: 6.5 | 2% Низкий | 10 месяцев назад |
 | CVE-2024-12088 A flaw was found in rsync. When using the `--safe-links` option, the rsync client fails to properly verify if a symbolic link destination sent from the server contains another symbolic link within it. This results in a path traversal vulnerability, which may lead to arbitrary file write outside the desired directory. | CVSS3: 6.5 | 2% Низкий | 10 месяцев назад |
 | CVSS3: 7.5 | 2% Низкий | 10 месяцев назад | |
| CVE-2024-12088 A flaw was found in rsync. When using the `--safe-links` option, the r ... | CVSS3: 6.5 | 2% Низкий | 10 месяцев назад |
 | SUSE-SU-2025:1330-1 Security update for rsync | 2% Низкий | 7 месяцев назад | |
| SUSE-SU-2025:0991-1 Security update for rsync | 0% Низкий | 8 месяцев назад | |
| GHSA-gp7r-m4cc-qhwq A flaw was found in rsync. This vulnerability arises from a race condition during rsync's handling of symbolic links. Rsync's default behavior when encountering symbolic links is to skip them. If an attacker replaced a regular file with a symbolic link at the right time, it was possible to bypass the default behavior and traverse symbolic links. Depending on the privileges of the rsync process, an attacker could leak sensitive information, potentially leading to privilege escalation. | CVSS3: 5.6 | 0% Низкий | 10 месяцев назад |
| GHSA-ffph-g3pc-8r3g A flaw was found in rsync. When using the `--safe-links` option, rsync fails to properly verify if a symbolic link destination contains another symbolic link within it. This results in a path traversal vulnerability, which may lead to arbitrary file write outside the desired directory. | CVSS3: 6.5 | 2% Низкий | 10 месяцев назад |
 | BDU:2025-00373 Уязвимость конфигурации -safe-links демона rsyncd утилиты для передачи и синхронизации файлов Rsync, позволяющая нарушителю записывать произвольные файлы | CVSS3: 6.5 | 2% Низкий | 12 месяцев назад |
| BDU:2025-00372 Уязвимость утилиты для передачи и синхронизации файлов Rsync, связанная с ошибками синхронизации при использовании общего ресурса, позволяющая нарушителю повысить свои привилегии | CVSS3: 5.6 | 0% Низкий | 11 месяцев назад |
Уязвимостей на страницу