Количество 31
Количество 31
CVE-2024-12087
A path traversal vulnerability exists in rsync. It stems from behavior ...
CVE-2024-12088
A flaw was found in rsync. When using the `--safe-links` option, the rsync client fails to properly verify if a symbolic link destination sent from the server contains another symbolic link within it. This results in a path traversal vulnerability, which may lead to arbitrary file write outside the desired directory.
CVE-2024-12088
A flaw was found in rsync. When using the `--safe-links` option, the rsync client fails to properly verify if a symbolic link destination sent from the server contains another symbolic link within it. This results in a path traversal vulnerability, which may lead to arbitrary file write outside the desired directory.
CVE-2024-12088
A flaw was found in rsync. When using the `--safe-links` option, the rsync client fails to properly verify if a symbolic link destination sent from the server contains another symbolic link within it. This results in a path traversal vulnerability, which may lead to arbitrary file write outside the desired directory.
CVE-2024-12088
CVE-2024-12088
A flaw was found in rsync. When using the `--safe-links` option, the r ...
GHSA-9x68-7qq6-v523
A path traversal vulnerability exists in rsync. It stems from behavior enabled by the `--inc-recursive` option, a default-enabled option for many client options and can be enabled by the server even if not explicitly enabled by the client. When using the `--inc-recursive` option, a lack of proper symlink verification coupled with deduplication checks occurring on a per-file-list basis could allow a server to write files outside of the client's intended destination directory. A malicious server could write malicious files to arbitrary locations named after valid directories/paths on the client.
BDU:2025-00377
Уязвимость конфигурации --inc-recursive демона rsyncd утилиты для передачи и синхронизации файлов Rsync, позволяющая нарушителю записывать произвольные файлы
SUSE-SU-2025:1330-1
Security update for rsync
GHSA-ffph-g3pc-8r3g
A flaw was found in rsync. When using the `--safe-links` option, rsync fails to properly verify if a symbolic link destination contains another symbolic link within it. This results in a path traversal vulnerability, which may lead to arbitrary file write outside the desired directory.
BDU:2025-00373
Уязвимость конфигурации -safe-links демона rsyncd утилиты для передачи и синхронизации файлов Rsync, позволяющая нарушителю записывать произвольные файлы
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| CVE-2024-12087 A path traversal vulnerability exists in rsync. It stems from behavior ... | CVSS3: 6.5 | 0% Низкий | 5 месяцев назад |
 | CVE-2024-12088 A flaw was found in rsync. When using the `--safe-links` option, the rsync client fails to properly verify if a symbolic link destination sent from the server contains another symbolic link within it. This results in a path traversal vulnerability, which may lead to arbitrary file write outside the desired directory. | CVSS3: 6.5 | 0% Низкий | 5 месяцев назад |
 | CVE-2024-12088 A flaw was found in rsync. When using the `--safe-links` option, the rsync client fails to properly verify if a symbolic link destination sent from the server contains another symbolic link within it. This results in a path traversal vulnerability, which may lead to arbitrary file write outside the desired directory. | CVSS3: 6.5 | 0% Низкий | 5 месяцев назад |
 | CVE-2024-12088 A flaw was found in rsync. When using the `--safe-links` option, the rsync client fails to properly verify if a symbolic link destination sent from the server contains another symbolic link within it. This results in a path traversal vulnerability, which may lead to arbitrary file write outside the desired directory. | CVSS3: 6.5 | 0% Низкий | 5 месяцев назад |
 | CVSS3: 7.5 | 0% Низкий | 5 месяцев назад | |
| CVE-2024-12088 A flaw was found in rsync. When using the `--safe-links` option, the r ... | CVSS3: 6.5 | 0% Низкий | 5 месяцев назад |
| GHSA-9x68-7qq6-v523 A path traversal vulnerability exists in rsync. It stems from behavior enabled by the `--inc-recursive` option, a default-enabled option for many client options and can be enabled by the server even if not explicitly enabled by the client. When using the `--inc-recursive` option, a lack of proper symlink verification coupled with deduplication checks occurring on a per-file-list basis could allow a server to write files outside of the client's intended destination directory. A malicious server could write malicious files to arbitrary locations named after valid directories/paths on the client. | CVSS3: 6.5 | 0% Низкий | 5 месяцев назад |
 | BDU:2025-00377 Уязвимость конфигурации --inc-recursive демона rsyncd утилиты для передачи и синхронизации файлов Rsync, позволяющая нарушителю записывать произвольные файлы | CVSS3: 6.5 | 0% Низкий | 7 месяцев назад |
 | SUSE-SU-2025:1330-1 Security update for rsync | 0% Низкий | 2 месяца назад | |
| GHSA-ffph-g3pc-8r3g A flaw was found in rsync. When using the `--safe-links` option, rsync fails to properly verify if a symbolic link destination contains another symbolic link within it. This results in a path traversal vulnerability, which may lead to arbitrary file write outside the desired directory. | CVSS3: 6.5 | 0% Низкий | 5 месяцев назад |
| BDU:2025-00373 Уязвимость конфигурации -safe-links демона rsyncd утилиты для передачи и синхронизации файлов Rsync, позволяющая нарушителю записывать произвольные файлы | CVSS3: 6.5 | 0% Низкий | 7 месяцев назад |
Уязвимостей на страницу