Package Instance

reference_id

AVG-542

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2017-17434

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:rsync::::::::
reference_id	cpe:2.3:a:samba:rsync::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:rsync::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url

reference_id

CVE-2017-17434

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-17434

reference_url	https://security.gentoo.org/glsa/201801-16
reference_id	GLSA-201801-16
reference_type
scores
url	https://security.gentoo.org/glsa/201801-16

reference_url	https://usn.ubuntu.com/3506-1/
reference_id	USN-3506-1
reference_type
scores
url	https://usn.ubuntu.com/3506-1/

reference_url	https://usn.ubuntu.com/3506-2/
reference_id	USN-3506-2
reference_type
scores
url	https://usn.ubuntu.com/3506-2/

fixed_packages

url	pkg:deb/debian/rsync@3.1.2-2.1?distro=trixie
purl	pkg:deb/debian/rsync@3.1.2-2.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.1.2-2.1%3Fdistro=trixie

url pkg:deb/debian/rsync@3.2.3-4%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/rsync@3.2.3-4%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4g3g-qmrg-tbf6

vulnerability	VCID-ua8q-v9qd-wqb5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.3-4%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.7-1%252Bdeb12u4%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.4.1%2Bds1-5%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/rsync@3.4.1%2Bds1-5%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.4.1%252Bds1-5%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.4.1%2Bds1-7?distro=trixie
purl	pkg:deb/debian/rsync@3.4.1%2Bds1-7?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.4.1%252Bds1-7%3Fdistro=trixie

aliases CVE-2017-17434

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1dp2-jcqh-7ket

url VCID-1snq-bkw3-3kff

vulnerability_id VCID-1snq-bkw3-3kff

summary

Multiple vulnerabilities have been found in rsync, the worst of
    which could allow remote attackers to bypass access restrictions.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16548.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16548.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-16548

reference_id

reference_type

scores

value	0.02941
scoring_system	epss
scoring_elements	0.86372
published_at	2026-04-01T12:55:00Z

value	0.02941
scoring_system	epss
scoring_elements	0.86459
published_at	2026-04-18T12:55:00Z

value	0.02941
scoring_system	epss
scoring_elements	0.86445
published_at	2026-04-11T12:55:00Z

value	0.02941
scoring_system	epss
scoring_elements	0.86443
published_at	2026-04-12T12:55:00Z

value	0.02941
scoring_system	epss
scoring_elements	0.86438
published_at	2026-04-13T12:55:00Z

value	0.02941
scoring_system	epss
scoring_elements	0.86454
published_at	2026-04-16T12:55:00Z

value	0.02941
scoring_system	epss
scoring_elements	0.86383
published_at	2026-04-02T12:55:00Z

value	0.02941
scoring_system	epss
scoring_elements	0.864
published_at	2026-04-04T12:55:00Z

value	0.02941
scoring_system	epss
scoring_elements	0.86402
published_at	2026-04-07T12:55:00Z

value	0.02941
scoring_system	epss
scoring_elements	0.8642
published_at	2026-04-08T12:55:00Z

value	0.02941
scoring_system	epss
scoring_elements	0.8643
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-16548

reference_url	https://bugzilla.samba.org/show_bug.cgi?id=13112
reference_id
reference_type
scores
url	https://bugzilla.samba.org/show_bug.cgi?id=13112

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16548
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16548

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17433
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17433

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17434
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17434

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://git.samba.org/rsync.git/?p=rsync.git%3Ba=commit%3Bh=47a63d90e71d3e19e0e96052bb8c6b9cb140ecc1
reference_id
reference_type
scores
url	https://git.samba.org/rsync.git/?p=rsync.git%3Ba=commit%3Bh=47a63d90e71d3e19e0e96052bb8c6b9cb140ecc1

reference_url	https://lists.debian.org/debian-lts-announce/2017/12/msg00020.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2017/12/msg00020.html

reference_url	https://www.debian.org/security/2017/dsa-4068
reference_id
reference_type
scores
url	https://www.debian.org/security/2017/dsa-4068

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1511411
reference_id	1511411
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1511411

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=880954
reference_id	880954
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=880954

reference_url	https://security.archlinux.org/ASA-201801-21
reference_id	ASA-201801-21
reference_type
scores
url	https://security.archlinux.org/ASA-201801-21

reference_url

reference_id

AVG-542

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2017-16548

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:rsync::::::::
reference_id	cpe:2.3:a:samba:rsync::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:rsync::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url

reference_id

CVE-2017-16548

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-16548

reference_url	https://security.gentoo.org/glsa/201801-16
reference_id	GLSA-201801-16
reference_type
scores
url	https://security.gentoo.org/glsa/201801-16

reference_url	https://usn.ubuntu.com/3543-1/
reference_id	USN-3543-1
reference_type
scores
url	https://usn.ubuntu.com/3543-1/

reference_url	https://usn.ubuntu.com/3543-2/
reference_id	USN-3543-2
reference_type
scores
url	https://usn.ubuntu.com/3543-2/

fixed_packages

url	pkg:deb/debian/rsync@3.1.2-2.1?distro=trixie
purl	pkg:deb/debian/rsync@3.1.2-2.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.1.2-2.1%3Fdistro=trixie

url pkg:deb/debian/rsync@3.2.3-4%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/rsync@3.2.3-4%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4g3g-qmrg-tbf6

vulnerability	VCID-ua8q-v9qd-wqb5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.3-4%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.7-1%252Bdeb12u4%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.4.1%2Bds1-5%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/rsync@3.4.1%2Bds1-5%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.4.1%252Bds1-5%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.4.1%2Bds1-7?distro=trixie
purl	pkg:deb/debian/rsync@3.4.1%2Bds1-7?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.4.1%252Bds1-7%3Fdistro=trixie

aliases CVE-2017-16548

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1snq-bkw3-3kff

url VCID-1vu9-xzw9-kfe2

vulnerability_id VCID-1vu9-xzw9-kfe2

summary zlib DoS

references

reference_url	ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:16.zlib.asc
reference_id
reference_type
scores
url	ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:16.zlib.asc

reference_url	ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.6/SCOSA-2006.6.txt
reference_id
reference_type
scores
url	ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.6/SCOSA-2006.6.txt

reference_url	http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html

reference_url	http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html

reference_url	http://lists.apple.com/archives/security-announce//2008/Nov/msg00001.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce//2008/Nov/msg00001.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2096.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2096.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2005-2096

reference_id

reference_type

scores

value	0.43032
scoring_system	epss
scoring_elements	0.975
published_at	2026-04-18T12:55:00Z

value	0.43032
scoring_system	epss
scoring_elements	0.97466
published_at	2026-04-01T12:55:00Z

value	0.43032
scoring_system	epss
scoring_elements	0.97473
published_at	2026-04-02T12:55:00Z

value	0.43032
scoring_system	epss
scoring_elements	0.97476
published_at	2026-04-04T12:55:00Z

value	0.43032
scoring_system	epss
scoring_elements	0.97477
published_at	2026-04-07T12:55:00Z

value	0.43032
scoring_system	epss
scoring_elements	0.97483
published_at	2026-04-08T12:55:00Z

value	0.43032
scoring_system	epss
scoring_elements	0.97484
published_at	2026-04-09T12:55:00Z

value	0.43032
scoring_system	epss
scoring_elements	0.97487
published_at	2026-04-11T12:55:00Z

value	0.43032
scoring_system	epss
scoring_elements	0.97489
published_at	2026-04-12T12:55:00Z

value	0.43032
scoring_system	epss
scoring_elements	0.9749
published_at	2026-04-13T12:55:00Z

value	0.43032
scoring_system	epss
scoring_elements	0.97497
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2005-2096

reference_url	https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162391
reference_id
reference_type
scores
url	https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162391

reference_url	https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162680
reference_id
reference_type
scores
url	https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162680

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2096
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2096

reference_url	http://secunia.com/advisories/15949
reference_id
reference_type
scores
url	http://secunia.com/advisories/15949

reference_url	http://secunia.com/advisories/17054
reference_id
reference_type
scores
url	http://secunia.com/advisories/17054

reference_url	http://secunia.com/advisories/17225
reference_id
reference_type
scores
url	http://secunia.com/advisories/17225

reference_url	http://secunia.com/advisories/17236
reference_id
reference_type
scores
url	http://secunia.com/advisories/17236

reference_url	http://secunia.com/advisories/17326
reference_id
reference_type
scores
url	http://secunia.com/advisories/17326

reference_url	http://secunia.com/advisories/17516
reference_id
reference_type
scores
url	http://secunia.com/advisories/17516

reference_url	http://secunia.com/advisories/18377
reference_id
reference_type
scores
url	http://secunia.com/advisories/18377

reference_url	http://secunia.com/advisories/18406
reference_id
reference_type
scores
url	http://secunia.com/advisories/18406

reference_url	http://secunia.com/advisories/18507
reference_id
reference_type
scores
url	http://secunia.com/advisories/18507

reference_url	http://secunia.com/advisories/19550
reference_id
reference_type
scores
url	http://secunia.com/advisories/19550

reference_url	http://secunia.com/advisories/19597
reference_id
reference_type
scores
url	http://secunia.com/advisories/19597

reference_url	http://secunia.com/advisories/24788
reference_id
reference_type
scores
url	http://secunia.com/advisories/24788

reference_url	http://secunia.com/advisories/31492
reference_id
reference_type
scores
url	http://secunia.com/advisories/31492

reference_url	http://secunia.com/advisories/32706
reference_id
reference_type
scores
url	http://secunia.com/advisories/32706

reference_url	http://security.gentoo.org/glsa/glsa-200507-05.xml
reference_id
reference_type
scores
url	http://security.gentoo.org/glsa/glsa-200507-05.xml

reference_url	http://securitytracker.com/id?1014398
reference_id
reference_type
scores
url	http://securitytracker.com/id?1014398

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/24064
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/24064

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11500
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11500

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1262
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1262

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1542
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1542

reference_url	http://sunsolve.sun.com/search/document.do?assetkey=1-26-101989-1
reference_id
reference_type
scores
url	http://sunsolve.sun.com/search/document.do?assetkey=1-26-101989-1

reference_url	http://support.apple.com/kb/HT3298
reference_id
reference_type
scores
url	http://support.apple.com/kb/HT3298

reference_url	http://support.avaya.com/elmodocs2/security/ASA-2006-016.htm
reference_id
reference_type
scores
url	http://support.avaya.com/elmodocs2/security/ASA-2006-016.htm

reference_url	http://www.debian.org/security/2005/dsa-740
reference_id
reference_type
scores
url	http://www.debian.org/security/2005/dsa-740

reference_url	http://www.debian.org/security/2005/dsa-797
reference_id
reference_type
scores
url	http://www.debian.org/security/2005/dsa-797

reference_url	http://www.debian.org/security/2006/dsa-1026
reference_id
reference_type
scores
url	http://www.debian.org/security/2006/dsa-1026

reference_url	http://www.gentoo.org/security/en/glsa/glsa-200509-18.xml
reference_id
reference_type
scores
url	http://www.gentoo.org/security/en/glsa/glsa-200509-18.xml

reference_url	http://www.kb.cert.org/vuls/id/680620
reference_id
reference_type
scores
url	http://www.kb.cert.org/vuls/id/680620

reference_url	http://www.mandriva.com/security/advisories?name=MDKSA-2005:112
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDKSA-2005:112

reference_url	http://www.mandriva.com/security/advisories?name=MDKSA-2005:196
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDKSA-2005:196

reference_url	http://www.mandriva.com/security/advisories?name=MDKSA-2006:070
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDKSA-2006:070

reference_url	http://www.redhat.com/support/errata/RHSA-2005-569.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2005-569.html

reference_url	http://www.redhat.com/support/errata/RHSA-2008-0629.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2008-0629.html

reference_url	http://www.securityfocus.com/archive/1/421411/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/421411/100/0/threaded

reference_url	http://www.securityfocus.com/archive/1/464745/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/464745/100/0/threaded

reference_url	http://www.securityfocus.com/archive/1/482503/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/482503/100/0/threaded

reference_url	http://www.securityfocus.com/archive/1/482505/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/482505/100/0/threaded

reference_url	http://www.securityfocus.com/archive/1/482571/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/482571/100/0/threaded

reference_url	http://www.securityfocus.com/archive/1/482601/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/482601/100/0/threaded

reference_url	http://www.securityfocus.com/archive/1/482949/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/482949/100/0/threaded

reference_url	http://www.securityfocus.com/archive/1/482950/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/482950/100/0/threaded

reference_url	http://www.securityfocus.com/bid/14162
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/14162

reference_url	http://www.ubuntulinux.org/usn/usn-151-3
reference_id
reference_type
scores
url	http://www.ubuntulinux.org/usn/usn-151-3

reference_url	http://www.vmware.com/support/vi3/doc/esx-3616065-patch.html
reference_id
reference_type
scores
url	http://www.vmware.com/support/vi3/doc/esx-3616065-patch.html

reference_url	http://www.vmware.com/support/vi3/doc/esx-9916286-patch.html
reference_id
reference_type
scores
url	http://www.vmware.com/support/vi3/doc/esx-9916286-patch.html

reference_url	http://www.vupen.com/english/advisories/2005/0978
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2005/0978

reference_url	http://www.vupen.com/english/advisories/2006/0144
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2006/0144

reference_url	http://www.vupen.com/english/advisories/2007/1267
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2007/1267

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=317133
reference_id	317133
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=317133

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=317523
reference_id	317523
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=317523

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=317966
reference_id	317966
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=317966

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=317967
reference_id	317967
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=317967

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=317968
reference_id	317968
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=317968

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318014
reference_id	318014
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318014

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318069
reference_id	318069
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318069

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318091
reference_id	318091
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318091

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318099
reference_id	318099
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318099

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318100
reference_id	318100
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318100

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=332236
reference_id	332236
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=332236

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=430650
reference_id	430650
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=430650

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zlib:zlib:1.2.0:::::::*
reference_id	cpe:2.3:a:zlib:zlib:1.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zlib:zlib:1.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zlib:zlib:1.2.1:::::::*
reference_id	cpe:2.3:a:zlib:zlib:1.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zlib:zlib:1.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zlib:zlib:1.2.2:::::::*
reference_id	cpe:2.3:a:zlib:zlib:1.2.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zlib:zlib:1.2.2:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2005-2096

reference_id

CVE-2005-2096

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2005-2096

reference_url	https://access.redhat.com/errata/RHSA-2005:569
reference_id	RHSA-2005:569
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2005:569

reference_url	https://access.redhat.com/errata/RHSA-2008:0264
reference_id	RHSA-2008:0264
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0264

reference_url	https://access.redhat.com/errata/RHSA-2008:0525
reference_id	RHSA-2008:0525
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0525

reference_url	https://access.redhat.com/errata/RHSA-2008:0629
reference_id	RHSA-2008:0629
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0629

reference_url	https://usn.ubuntu.com/148-1/
reference_id	USN-148-1
reference_type
scores
url	https://usn.ubuntu.com/148-1/

reference_url	https://usn.ubuntu.com/151-2/
reference_id	USN-151-2
reference_type
scores
url	https://usn.ubuntu.com/151-2/

reference_url	https://usn.ubuntu.com/151-3/
reference_id	USN-151-3
reference_type
scores
url	https://usn.ubuntu.com/151-3/

reference_url	https://usn.ubuntu.com/151-4/
reference_id	USN-151-4
reference_type
scores
url	https://usn.ubuntu.com/151-4/

fixed_packages

url	pkg:deb/debian/rsync@0?distro=trixie
purl	pkg:deb/debian/rsync@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@0%3Fdistro=trixie

url pkg:deb/debian/rsync@3.2.3-4%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/rsync@3.2.3-4%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4g3g-qmrg-tbf6

vulnerability	VCID-ua8q-v9qd-wqb5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.3-4%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.7-1%252Bdeb12u4%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.4.1%2Bds1-5%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/rsync@3.4.1%2Bds1-5%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.4.1%252Bds1-5%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.4.1%2Bds1-7?distro=trixie
purl	pkg:deb/debian/rsync@3.4.1%2Bds1-7?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.4.1%252Bds1-7%3Fdistro=trixie

aliases CVE-2005-2096

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1vu9-xzw9-kfe2

url VCID-2phq-g3rz-2be8

vulnerability_id VCID-2phq-g3rz-2be8

summary When rsync is run w/o chroot, symlinks that point outside daemon's root can be created

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6199.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6199.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2007-6199

reference_id

reference_type

scores

value	0.06572
scoring_system	epss
scoring_elements	0.91099
published_at	2026-04-01T12:55:00Z

value	0.06572
scoring_system	epss
scoring_elements	0.91104
published_at	2026-04-02T12:55:00Z

value	0.06572
scoring_system	epss
scoring_elements	0.91113
published_at	2026-04-04T12:55:00Z

value	0.06572
scoring_system	epss
scoring_elements	0.91121
published_at	2026-04-07T12:55:00Z

value	0.06572
scoring_system	epss
scoring_elements	0.91133
published_at	2026-04-08T12:55:00Z

value	0.06572
scoring_system	epss
scoring_elements	0.91139
published_at	2026-04-09T12:55:00Z

value	0.06572
scoring_system	epss
scoring_elements	0.91147
published_at	2026-04-11T12:55:00Z

value	0.06572
scoring_system	epss
scoring_elements	0.91148
published_at	2026-04-13T12:55:00Z

value	0.06572
scoring_system	epss
scoring_elements	0.91172
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2007-6199

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6199
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6199

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=407161
reference_id	407161
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=407161

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=453652
reference_id	453652
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=453652

fixed_packages

url	pkg:deb/debian/rsync@2.6.9-6?distro=trixie
purl	pkg:deb/debian/rsync@2.6.9-6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@2.6.9-6%3Fdistro=trixie

url pkg:deb/debian/rsync@3.2.3-4%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/rsync@3.2.3-4%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4g3g-qmrg-tbf6

vulnerability	VCID-ua8q-v9qd-wqb5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.3-4%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.7-1%252Bdeb12u4%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.4.1%2Bds1-5%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/rsync@3.4.1%2Bds1-5%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.4.1%252Bds1-5%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.4.1%2Bds1-7?distro=trixie
purl	pkg:deb/debian/rsync@3.4.1%2Bds1-7?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.4.1%252Bds1-7%3Fdistro=trixie

aliases CVE-2007-6199

risk_score 0.1

exploitability 0.5

weighted_severity 0.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2phq-g3rz-2be8

url VCID-472y-7aza-j7c4

vulnerability_id VCID-472y-7aza-j7c4

summary Multiple vulnerabilities have been discovered in rsync, the worst of which could lead to arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12747.json

reference_id

reference_type

scores

value	5.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12747.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-12747

reference_id

reference_type

scores

value	0.00012
scoring_system	epss
scoring_elements	0.01852
published_at	2026-04-08T12:55:00Z

value	0.00012
scoring_system	epss
scoring_elements	0.01833
published_at	2026-04-13T12:55:00Z

value	0.00012
scoring_system	epss
scoring_elements	0.01838
published_at	2026-04-12T12:55:00Z

value	0.00012
scoring_system	epss
scoring_elements	0.01853
published_at	2026-04-11T12:55:00Z

value	0.00012
scoring_system	epss
scoring_elements	0.01835
published_at	2026-04-02T12:55:00Z

value	0.00012
scoring_system	epss
scoring_elements	0.01846
published_at	2026-04-04T12:55:00Z

value	0.00012
scoring_system	epss
scoring_elements	0.01848
published_at	2026-04-07T12:55:00Z

value	0.00012
scoring_system	epss
scoring_elements	0.01866
published_at	2026-04-09T12:55:00Z

value	0.00013
scoring_system	epss
scoring_elements	0.02049
published_at	2026-04-18T12:55:00Z

value	0.00014
scoring_system	epss
scoring_elements	0.02646
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-12747

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12747
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12747

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2332968

reference_id

2332968

reference_type

scores

value	5.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-14T18:38:10Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2332968

reference_url

reference_id

952657

reference_type

scores

value	5.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-14T18:38:10Z/

url

reference_url	https://security.archlinux.org/ASA-202501-1
reference_id	ASA-202501-1
reference_type
scores
url	https://security.archlinux.org/ASA-202501-1

reference_url

reference_id

AVG-2858

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/security/cve/CVE-2024-12747

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:1.14::el9
reference_id	cpe:/a:redhat:discovery:1.14::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:1.14::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
reference_id	cpe:/a:redhat:enterprise_linux:9::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
reference_id	cpe:/a:redhat:openshift:4
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id	cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0
reference_id	cpe:/o:redhat:enterprise_linux:10.0
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id	cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos
reference_id	cpe:/o:redhat:enterprise_linux:8::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
reference_id	cpe:/o:redhat:enterprise_linux:9::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos

reference_url

reference_id

CVE-2024-12747

reference_type

scores

value	5.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-14T18:38:10Z/

url

https://access.redhat.com/security/cve/CVE-2024-12747

reference_url	https://security.gentoo.org/glsa/202501-01
reference_id	GLSA-202501-01
reference_type
scores
url	https://security.gentoo.org/glsa/202501-01

reference_url

reference_id

RHBA-2025:6470

reference_type

scores

value	5.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-14T18:38:10Z/

url

reference_url

reference_id

RHSA-2025:2600

reference_type

scores

value	5.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-14T18:38:10Z/

url

reference_url

reference_id

RHSA-2025:7050

reference_type

scores

value	5.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-14T18:38:10Z/

url

reference_url

reference_id

RHSA-2025:8385

reference_type

scores

value	5.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-14T18:38:10Z/

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29154.json

reference_url	https://usn.ubuntu.com/7206-1/
reference_id	USN-7206-1
reference_type
scores
url	https://usn.ubuntu.com/7206-1/

reference_url	https://usn.ubuntu.com/7206-3/
reference_id	USN-7206-3
reference_type
scores
url	https://usn.ubuntu.com/7206-3/

fixed_packages

url pkg:deb/debian/rsync@3.2.3-4%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/rsync@3.2.3-4%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4g3g-qmrg-tbf6

vulnerability	VCID-ua8q-v9qd-wqb5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.3-4%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.2.3-4%2Bdeb11u2?distro=trixie
purl	pkg:deb/debian/rsync@3.2.3-4%2Bdeb11u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.3-4%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.7-1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.7-1%252Bdeb12u4%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.3.0%2Bds1-3?distro=trixie
purl	pkg:deb/debian/rsync@3.3.0%2Bds1-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.3.0%252Bds1-3%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.4.1%2Bds1-5%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/rsync@3.4.1%2Bds1-5%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.4.1%252Bds1-5%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.4.1%2Bds1-7?distro=trixie
purl	pkg:deb/debian/rsync@3.4.1%2Bds1-7?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.4.1%252Bds1-7%3Fdistro=trixie

aliases CVE-2024-12747

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-472y-7aza-j7c4

url VCID-4g3g-qmrg-tbf6

vulnerability_id VCID-4g3g-qmrg-tbf6

summary Multiple vulnerabilities have been discovered in rsync, the worst of which can lead to denial of service or information disclosure.

references

reference_url

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29154.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-29154

reference_id

reference_type

scores

value	0.00674
scoring_system	epss
scoring_elements	0.71362
published_at	2026-04-02T12:55:00Z

value	0.00674
scoring_system	epss
scoring_elements	0.71379
published_at	2026-04-04T12:55:00Z

value	0.00674
scoring_system	epss
scoring_elements	0.71354
published_at	2026-04-07T12:55:00Z

value	0.00674
scoring_system	epss
scoring_elements	0.71395
published_at	2026-04-08T12:55:00Z

value	0.00674
scoring_system	epss
scoring_elements	0.71408
published_at	2026-04-09T12:55:00Z

value	0.00674
scoring_system	epss
scoring_elements	0.7143
published_at	2026-04-11T12:55:00Z

value	0.00674
scoring_system	epss
scoring_elements	0.71415
published_at	2026-04-12T12:55:00Z

value	0.00674
scoring_system	epss
scoring_elements	0.71397
published_at	2026-04-13T12:55:00Z

value	0.00674
scoring_system	epss
scoring_elements	0.71443
published_at	2026-04-16T12:55:00Z

value	0.00674
scoring_system	epss
scoring_elements	0.71449
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-29154

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29154
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29154

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016543
reference_id	1016543
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016543

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2110928
reference_id	2110928
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2110928

reference_url	https://security.gentoo.org/glsa/202405-22
reference_id	GLSA-202405-22
reference_type
scores
url	https://security.gentoo.org/glsa/202405-22

reference_url	https://access.redhat.com/errata/RHSA-2022:6170
reference_id	RHSA-2022:6170
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6170

reference_url	https://access.redhat.com/errata/RHSA-2022:6171
reference_id	RHSA-2022:6171
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6171

reference_url	https://access.redhat.com/errata/RHSA-2022:6172
reference_id	RHSA-2022:6172
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6172

reference_url	https://access.redhat.com/errata/RHSA-2022:6173
reference_id	RHSA-2022:6173
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6173

reference_url	https://access.redhat.com/errata/RHSA-2022:6180
reference_id	RHSA-2022:6180
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6180

reference_url	https://access.redhat.com/errata/RHSA-2022:6181
reference_id	RHSA-2022:6181
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6181

reference_url	https://access.redhat.com/errata/RHSA-2022:6551
reference_id	RHSA-2022:6551
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6551

reference_url	https://usn.ubuntu.com/5921-1/
reference_id	USN-5921-1
reference_type
scores
url	https://usn.ubuntu.com/5921-1/

fixed_packages

url	pkg:deb/debian/rsync@3.2.5-1?distro=trixie
purl	pkg:deb/debian/rsync@3.2.5-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.5-1%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.7-1%252Bdeb12u4%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.4.1%2Bds1-5%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/rsync@3.4.1%2Bds1-5%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.4.1%252Bds1-5%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.4.1%2Bds1-7?distro=trixie
purl	pkg:deb/debian/rsync@3.4.1%2Bds1-7?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.4.1%252Bds1-7%3Fdistro=trixie

aliases CVE-2022-29154

risk_score 3.4

exploitability 0.5

weighted_severity 6.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4g3g-qmrg-tbf6

url VCID-4g8w-n139-dfbn

vulnerability_id VCID-4g8w-n139-dfbn

summary

A vulnerability in rsync might allow remote attackers to execute
    arbitrary commands.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5764.json

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5764.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5764

reference_id

reference_type

scores

value	0.07674
scoring_system	epss
scoring_elements	0.91864
published_at	2026-04-01T12:55:00Z

value	0.10069
scoring_system	epss
scoring_elements	0.931
published_at	2026-04-18T12:55:00Z

value	0.10069
scoring_system	epss
scoring_elements	0.93078
published_at	2026-04-12T12:55:00Z

value	0.10069
scoring_system	epss
scoring_elements	0.93095
published_at	2026-04-16T12:55:00Z

value	0.10069
scoring_system	epss
scoring_elements	0.9306
published_at	2026-04-02T12:55:00Z

value	0.10069
scoring_system	epss
scoring_elements	0.93063
published_at	2026-04-04T12:55:00Z

value	0.10069
scoring_system	epss
scoring_elements	0.93062
published_at	2026-04-07T12:55:00Z

value	0.10069
scoring_system	epss
scoring_elements	0.9307
published_at	2026-04-08T12:55:00Z

value	0.10069
scoring_system	epss
scoring_elements	0.93075
published_at	2026-04-09T12:55:00Z

value	0.10069
scoring_system	epss
scoring_elements	0.9308
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5764

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5764
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5764

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1536661
reference_id	1536661
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1536661

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=887588
reference_id	887588
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=887588

reference_url	https://security.archlinux.org/ASA-201801-21
reference_id	ASA-201801-21
reference_type
scores
url	https://security.archlinux.org/ASA-201801-21

reference_url

reference_id

AVG-542

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2014-2855

reference_url	https://security.gentoo.org/glsa/201805-04
reference_id	GLSA-201805-04
reference_type
scores
url	https://security.gentoo.org/glsa/201805-04

reference_url	https://usn.ubuntu.com/3543-1/
reference_id	USN-3543-1
reference_type
scores
url	https://usn.ubuntu.com/3543-1/

reference_url	https://usn.ubuntu.com/3543-2/
reference_id	USN-3543-2
reference_type
scores
url	https://usn.ubuntu.com/3543-2/

fixed_packages

url	pkg:deb/debian/rsync@3.1.2-2.2?distro=trixie
purl	pkg:deb/debian/rsync@3.1.2-2.2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.1.2-2.2%3Fdistro=trixie

url pkg:deb/debian/rsync@3.2.3-4%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/rsync@3.2.3-4%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4g3g-qmrg-tbf6

vulnerability	VCID-ua8q-v9qd-wqb5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.3-4%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.7-1%252Bdeb12u4%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.4.1%2Bds1-5%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/rsync@3.4.1%2Bds1-5%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.4.1%252Bds1-5%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.4.1%2Bds1-7?distro=trixie
purl	pkg:deb/debian/rsync@3.4.1%2Bds1-7?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.4.1%252Bds1-7%3Fdistro=trixie

aliases CVE-2018-5764

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4g8w-n139-dfbn

url VCID-66n1-gnxa-2uf3

vulnerability_id VCID-66n1-gnxa-2uf3

summary rsync: CPU consumption denial of service when authenticating with a non-existent username

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2855.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2855.json

reference_url

reference_id

reference_type

scores

value	0.17189
scoring_system	epss
scoring_elements	0.94982
published_at	2026-04-01T12:55:00Z

value	0.17189
scoring_system	epss
scoring_elements	0.94991
published_at	2026-04-02T12:55:00Z

value	0.17189
scoring_system	epss
scoring_elements	0.94993
published_at	2026-04-04T12:55:00Z

value	0.17189
scoring_system	epss
scoring_elements	0.94996
published_at	2026-04-07T12:55:00Z

value	0.17189
scoring_system	epss
scoring_elements	0.95004
published_at	2026-04-08T12:55:00Z

value	0.17189
scoring_system	epss
scoring_elements	0.95008
published_at	2026-04-09T12:55:00Z

value	0.17189
scoring_system	epss
scoring_elements	0.95013
published_at	2026-04-11T12:55:00Z

value	0.17189
scoring_system	epss
scoring_elements	0.95015
published_at	2026-04-12T12:55:00Z

value	0.17189
scoring_system	epss
scoring_elements	0.95017
published_at	2026-04-13T12:55:00Z

value	0.17189
scoring_system	epss
scoring_elements	0.95026
published_at	2026-04-16T12:55:00Z

value	0.17189
scoring_system	epss
scoring_elements	0.95029
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-2855

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2855
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2855

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1087841
reference_id	1087841
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1087841

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=744791
reference_id	744791
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=744791

reference_url	https://usn.ubuntu.com/2171-1/
reference_id	USN-2171-1
reference_type
scores
url	https://usn.ubuntu.com/2171-1/

fixed_packages

url	pkg:deb/debian/rsync@3.1.0-3?distro=trixie
purl	pkg:deb/debian/rsync@3.1.0-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.1.0-3%3Fdistro=trixie

url pkg:deb/debian/rsync@3.2.3-4%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/rsync@3.2.3-4%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4g3g-qmrg-tbf6

vulnerability	VCID-ua8q-v9qd-wqb5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.3-4%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.7-1%252Bdeb12u4%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.4.1%2Bds1-5%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/rsync@3.4.1%2Bds1-5%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.4.1%252Bds1-5%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.4.1%2Bds1-7?distro=trixie
purl	pkg:deb/debian/rsync@3.4.1%2Bds1-7?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.4.1%252Bds1-7%3Fdistro=trixie

aliases CVE-2014-2855

risk_score 0.1

exploitability 0.5

weighted_severity 0.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-66n1-gnxa-2uf3

url VCID-78yq-gu4t-rke9

vulnerability_id VCID-78yq-gu4t-rke9

summary Multiple vulnerabilities have been discovered in rsync, the worst of which can lead to denial of service or information disclosure.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14387.json

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14387.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-14387

reference_id

reference_type

scores

value	0.00142
scoring_system	epss
scoring_elements	0.34153
published_at	2026-04-01T12:55:00Z

value	0.00142
scoring_system	epss
scoring_elements	0.34492
published_at	2026-04-02T12:55:00Z

value	0.00142
scoring_system	epss
scoring_elements	0.34519
published_at	2026-04-04T12:55:00Z

value	0.00142
scoring_system	epss
scoring_elements	0.34387
published_at	2026-04-07T12:55:00Z

value	0.00142
scoring_system	epss
scoring_elements	0.34429
published_at	2026-04-08T12:55:00Z

value	0.00142
scoring_system	epss
scoring_elements	0.34458
published_at	2026-04-09T12:55:00Z

value	0.00142
scoring_system	epss
scoring_elements	0.3446
published_at	2026-04-11T12:55:00Z

value	0.00142
scoring_system	epss
scoring_elements	0.34422
published_at	2026-04-12T12:55:00Z

value	0.00142
scoring_system	epss
scoring_elements	0.34398
published_at	2026-04-13T12:55:00Z

value	0.00142
scoring_system	epss
scoring_elements	0.34432
published_at	2026-04-16T12:55:00Z

value	0.00142
scoring_system	epss
scoring_elements	0.34419
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-14387

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14387
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14387

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1875549
reference_id	1875549
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1875549

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=969530
reference_id	969530
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=969530

reference_url	https://security.archlinux.org/ASA-202101-1
reference_id	ASA-202101-1
reference_type
scores
url	https://security.archlinux.org/ASA-202101-1

reference_url

https://security.archlinux.org/AVG-1374

reference_id

AVG-1374

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1374

reference_url	https://security.gentoo.org/glsa/202405-22
reference_id	GLSA-202405-22
reference_type
scores
url	https://security.gentoo.org/glsa/202405-22

fixed_packages

url	pkg:deb/debian/rsync@3.2.3-3?distro=trixie
purl	pkg:deb/debian/rsync@3.2.3-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.3-3%3Fdistro=trixie

url pkg:deb/debian/rsync@3.2.3-4%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/rsync@3.2.3-4%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4g3g-qmrg-tbf6

vulnerability	VCID-ua8q-v9qd-wqb5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.3-4%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.7-1%252Bdeb12u4%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.4.1%2Bds1-5%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/rsync@3.4.1%2Bds1-5%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.4.1%252Bds1-5%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.4.1%2Bds1-7?distro=trixie
purl	pkg:deb/debian/rsync@3.4.1%2Bds1-7?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.4.1%252Bds1-7%3Fdistro=trixie

aliases CVE-2020-14387

risk_score 4.1

exploitability 0.5

weighted_severity 8.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-78yq-gu4t-rke9

url VCID-9d7g-bby6-8fb3

vulnerability_id VCID-9d7g-bby6-8fb3

summary Multiple vulnerabilities have been discovered in rsync, the worst of which could lead to arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12088.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12088.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-12088

reference_id

reference_type

scores

value	0.02887
scoring_system	epss
scoring_elements	0.86331
published_at	2026-04-18T12:55:00Z

value	0.02887
scoring_system	epss
scoring_elements	0.86292
published_at	2026-04-08T12:55:00Z

value	0.02887
scoring_system	epss
scoring_elements	0.86303
published_at	2026-04-09T12:55:00Z

value	0.02887
scoring_system	epss
scoring_elements	0.86317
published_at	2026-04-11T12:55:00Z

value	0.02887
scoring_system	epss
scoring_elements	0.86315
published_at	2026-04-12T12:55:00Z

value	0.02887
scoring_system	epss
scoring_elements	0.86311
published_at	2026-04-13T12:55:00Z

value	0.02887
scoring_system	epss
scoring_elements	0.86327
published_at	2026-04-16T12:55:00Z

value	0.02887
scoring_system	epss
scoring_elements	0.86255
published_at	2026-04-02T12:55:00Z

value	0.02887
scoring_system	epss
scoring_elements	0.86272
published_at	2026-04-04T12:55:00Z

value	0.02887
scoring_system	epss
scoring_elements	0.86274
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-12088

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12088
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12088

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2330676

reference_id

2330676

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T14:13:08Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2330676

reference_url

reference_id

952657

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T14:13:08Z/

url

reference_url	https://security.archlinux.org/ASA-202501-1
reference_id	ASA-202501-1
reference_type
scores
url	https://security.archlinux.org/ASA-202501-1

reference_url

reference_id

AVG-2858

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/security/cve/CVE-2024-12088

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:1.14::el9
reference_id	cpe:/a:redhat:discovery:1.14::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:1.14::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
reference_id	cpe:/a:redhat:enterprise_linux:9::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
reference_id	cpe:/a:redhat:openshift:4
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id	cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0
reference_id	cpe:/o:redhat:enterprise_linux:10.0
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id	cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos
reference_id	cpe:/o:redhat:enterprise_linux:8::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
reference_id	cpe:/o:redhat:enterprise_linux:9::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos

reference_url

reference_id

CVE-2024-12088

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T14:13:08Z/

url

https://access.redhat.com/security/cve/CVE-2024-12088

reference_url	https://security.gentoo.org/glsa/202501-01
reference_id	GLSA-202501-01
reference_type
scores
url	https://security.gentoo.org/glsa/202501-01

reference_url

reference_id

RHBA-2025:6470

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T14:13:08Z/

url

reference_url

reference_id

RHSA-2025:2600

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T14:13:08Z/

url

reference_url

reference_id

RHSA-2025:7050

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T14:13:08Z/

url

reference_url

reference_id

RHSA-2025:8385

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T14:13:08Z/

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12086.json

reference_url	https://usn.ubuntu.com/7206-1/
reference_id	USN-7206-1
reference_type
scores
url	https://usn.ubuntu.com/7206-1/

reference_url	https://usn.ubuntu.com/7206-3/
reference_id	USN-7206-3
reference_type
scores
url	https://usn.ubuntu.com/7206-3/

fixed_packages

url pkg:deb/debian/rsync@3.2.3-4%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/rsync@3.2.3-4%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4g3g-qmrg-tbf6

vulnerability	VCID-ua8q-v9qd-wqb5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.3-4%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.2.3-4%2Bdeb11u2?distro=trixie
purl	pkg:deb/debian/rsync@3.2.3-4%2Bdeb11u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.3-4%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.7-1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.7-1%252Bdeb12u4%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.3.0%2Bds1-3?distro=trixie
purl	pkg:deb/debian/rsync@3.3.0%2Bds1-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.3.0%252Bds1-3%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.4.1%2Bds1-5%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/rsync@3.4.1%2Bds1-5%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.4.1%252Bds1-5%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.4.1%2Bds1-7?distro=trixie
purl	pkg:deb/debian/rsync@3.4.1%2Bds1-7?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.4.1%252Bds1-7%3Fdistro=trixie

aliases CVE-2024-12088

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9d7g-bby6-8fb3

url VCID-c1ec-hvuv-ckgk

vulnerability_id VCID-c1ec-hvuv-ckgk

summary Multiple vulnerabilities have been discovered in rsync, the worst of which could lead to arbitrary code execution.

references

reference_url

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12086.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-12086

reference_id

reference_type

scores

value	0.00635
scoring_system	epss
scoring_elements	0.7037
published_at	2026-04-04T12:55:00Z

value	0.00635
scoring_system	epss
scoring_elements	0.70353
published_at	2026-04-02T12:55:00Z

value	0.00635
scoring_system	epss
scoring_elements	0.70349
published_at	2026-04-07T12:55:00Z

value	0.00635
scoring_system	epss
scoring_elements	0.70394
published_at	2026-04-08T12:55:00Z

value	0.00635
scoring_system	epss
scoring_elements	0.70409
published_at	2026-04-09T12:55:00Z

value	0.00635
scoring_system	epss
scoring_elements	0.70433
published_at	2026-04-11T12:55:00Z

value	0.00635
scoring_system	epss
scoring_elements	0.70417
published_at	2026-04-12T12:55:00Z

value	0.00635
scoring_system	epss
scoring_elements	0.70403
published_at	2026-04-13T12:55:00Z

value	0.00914
scoring_system	epss
scoring_elements	0.75914
published_at	2026-04-16T12:55:00Z

value	0.00914
scoring_system	epss
scoring_elements	0.75917
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-12086

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12086
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12086

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2330577

reference_id

2330577

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T14:14:25Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2330577

reference_url

reference_id

952657

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T14:14:25Z/

url

reference_url	https://security.archlinux.org/ASA-202501-1
reference_id	ASA-202501-1
reference_type
scores
url	https://security.archlinux.org/ASA-202501-1

reference_url

reference_id

AVG-2858

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/security/cve/CVE-2024-12086

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
reference_id	cpe:/a:redhat:openshift:4
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id	cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0
reference_id	cpe:/o:redhat:enterprise_linux:10.0
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id	cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id	cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
reference_id	cpe:/o:redhat:enterprise_linux:9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9

reference_url

reference_id

CVE-2024-12086

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T14:14:25Z/

url

https://access.redhat.com/security/cve/CVE-2024-12086

reference_url	https://security.gentoo.org/glsa/202501-01
reference_id	GLSA-202501-01
reference_type
scores
url	https://security.gentoo.org/glsa/202501-01

reference_url

reference_id

RHBA-2025:6470

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T14:14:25Z/

url

https://api.first.org/data/v1/epss?cve=CVE-2004-2093

reference_url	https://usn.ubuntu.com/7206-1/
reference_id	USN-7206-1
reference_type
scores
url	https://usn.ubuntu.com/7206-1/

reference_url	https://usn.ubuntu.com/7206-3/
reference_id	USN-7206-3
reference_type
scores
url	https://usn.ubuntu.com/7206-3/

fixed_packages

url pkg:deb/debian/rsync@3.2.3-4%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/rsync@3.2.3-4%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4g3g-qmrg-tbf6

vulnerability	VCID-ua8q-v9qd-wqb5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.3-4%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.2.3-4%2Bdeb11u2?distro=trixie
purl	pkg:deb/debian/rsync@3.2.3-4%2Bdeb11u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.3-4%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.7-1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.7-1%252Bdeb12u4%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.3.0%2Bds1-3?distro=trixie
purl	pkg:deb/debian/rsync@3.3.0%2Bds1-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.3.0%252Bds1-3%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.4.1%2Bds1-5%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/rsync@3.4.1%2Bds1-5%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.4.1%252Bds1-5%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.4.1%2Bds1-7?distro=trixie
purl	pkg:deb/debian/rsync@3.4.1%2Bds1-7?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.4.1%252Bds1-7%3Fdistro=trixie

aliases CVE-2024-12086

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c1ec-hvuv-ckgk

url VCID-c8h5-wzqz-e3c6

vulnerability_id VCID-c8h5-wzqz-e3c6

summary Buffer overflow in the open_socket_out function in socket.c for rsync 2.5.7 and earlier allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long RSYNC_PROXY environment variable. NOTE: since rsync is not setuid, this issue does not provide any additional privileges beyond those that are already available to the user. Therefore this issue may be REJECTED in the future.

references

reference_url

reference_id

reference_type

scores

value	0.00728
scoring_system	epss
scoring_elements	0.72573
published_at	2026-04-01T12:55:00Z

value	0.00728
scoring_system	epss
scoring_elements	0.72581
published_at	2026-04-02T12:55:00Z

value	0.00728
scoring_system	epss
scoring_elements	0.72598
published_at	2026-04-04T12:55:00Z

value	0.00728
scoring_system	epss
scoring_elements	0.72574
published_at	2026-04-07T12:55:00Z

value	0.00728
scoring_system	epss
scoring_elements	0.72613
published_at	2026-04-08T12:55:00Z

value	0.00728
scoring_system	epss
scoring_elements	0.72625
published_at	2026-04-09T12:55:00Z

value	0.00728
scoring_system	epss
scoring_elements	0.72648
published_at	2026-04-11T12:55:00Z

value	0.00728
scoring_system	epss
scoring_elements	0.72631
published_at	2026-04-12T12:55:00Z

value	0.00728
scoring_system	epss
scoring_elements	0.72621
published_at	2026-04-13T12:55:00Z

value	0.00728
scoring_system	epss
scoring_elements	0.72663
published_at	2026-04-16T12:55:00Z

value	0.00728
scoring_system	epss
scoring_elements	0.72673
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2004-2093

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2093
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2093

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/152.c
reference_id	OSVDB-45182;CVE-2004-2093
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/152.c

fixed_packages

url	pkg:deb/debian/rsync@2.6.1-1?distro=trixie
purl	pkg:deb/debian/rsync@2.6.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@2.6.1-1%3Fdistro=trixie

url pkg:deb/debian/rsync@3.2.3-4%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/rsync@3.2.3-4%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4g3g-qmrg-tbf6

vulnerability	VCID-ua8q-v9qd-wqb5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.3-4%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.7-1%252Bdeb12u4%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.4.1%2Bds1-5%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/rsync@3.4.1%2Bds1-5%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.4.1%252Bds1-5%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.4.1%2Bds1-7?distro=trixie
purl	pkg:deb/debian/rsync@3.4.1%2Bds1-7?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.4.1%252Bds1-7%3Fdistro=trixie

aliases CVE-2004-2093

risk_score null

exploitability 2.0

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c8h5-wzqz-e3c6

url VCID-eyjp-7kks-jbfr

vulnerability_id VCID-eyjp-7kks-jbfr

summary

Multiple vulnerabilities have been found in rsync, the worst of
    which could result in a Denial of Service condition.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9841.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9841.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-9841

reference_id

reference_type

scores

value	0.13495
scoring_system	epss
scoring_elements	0.94234
published_at	2026-04-18T12:55:00Z

value	0.13495
scoring_system	epss
scoring_elements	0.94204
published_at	2026-04-08T12:55:00Z

value	0.13495
scoring_system	epss
scoring_elements	0.94208
published_at	2026-04-09T12:55:00Z

value	0.13495
scoring_system	epss
scoring_elements	0.94213
published_at	2026-04-12T12:55:00Z

value	0.13495
scoring_system	epss
scoring_elements	0.94214
published_at	2026-04-13T12:55:00Z

value	0.13495
scoring_system	epss
scoring_elements	0.94229
published_at	2026-04-16T12:55:00Z

value	0.20281
scoring_system	epss
scoring_elements	0.95479
published_at	2026-04-01T12:55:00Z

value	0.20281
scoring_system	epss
scoring_elements	0.95488
published_at	2026-04-02T12:55:00Z

value	0.20281
scoring_system	epss
scoring_elements	0.95494
published_at	2026-04-04T12:55:00Z

value	0.20848
scoring_system	epss
scoring_elements	0.95599
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-9841

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9841
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9841

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.6
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:S/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1402346
reference_id	1402346
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1402346

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847270
reference_id	847270
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847270

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924509
reference_id	924509
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924509

reference_url	https://security.gentoo.org/glsa/201701-56
reference_id	GLSA-201701-56
reference_type
scores
url	https://security.gentoo.org/glsa/201701-56

reference_url	https://security.gentoo.org/glsa/202007-54
reference_id	GLSA-202007-54
reference_type
scores
url	https://security.gentoo.org/glsa/202007-54

reference_url	https://access.redhat.com/errata/RHSA-2017:1220
reference_id	RHSA-2017:1220
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:1220

reference_url	https://access.redhat.com/errata/RHSA-2017:1221
reference_id	RHSA-2017:1221
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:1221

reference_url	https://access.redhat.com/errata/RHSA-2017:1222
reference_id	RHSA-2017:1222
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:1222

reference_url	https://access.redhat.com/errata/RHSA-2017:2999
reference_id	RHSA-2017:2999
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2999

reference_url	https://access.redhat.com/errata/RHSA-2017:3046
reference_id	RHSA-2017:3046
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:3046

reference_url	https://access.redhat.com/errata/RHSA-2017:3047
reference_id	RHSA-2017:3047
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:3047

reference_url	https://access.redhat.com/errata/RHSA-2017:3453
reference_id	RHSA-2017:3453
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:3453

reference_url	https://usn.ubuntu.com/4246-1/
reference_id	USN-4246-1
reference_type
scores
url	https://usn.ubuntu.com/4246-1/

reference_url	https://usn.ubuntu.com/4292-1/
reference_id	USN-4292-1
reference_type
scores
url	https://usn.ubuntu.com/4292-1/

reference_url	https://usn.ubuntu.com/6736-1/
reference_id	USN-6736-1
reference_type
scores
url	https://usn.ubuntu.com/6736-1/

reference_url	https://usn.ubuntu.com/6736-2/
reference_id	USN-6736-2
reference_type
scores
url	https://usn.ubuntu.com/6736-2/

fixed_packages

url	pkg:deb/debian/rsync@3.1.3-6?distro=trixie
purl	pkg:deb/debian/rsync@3.1.3-6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.1.3-6%3Fdistro=trixie

url pkg:deb/debian/rsync@3.2.3-4%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/rsync@3.2.3-4%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4g3g-qmrg-tbf6

vulnerability	VCID-ua8q-v9qd-wqb5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.3-4%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.7-1%252Bdeb12u4%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.4.1%2Bds1-5%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/rsync@3.4.1%2Bds1-5%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.4.1%252Bds1-5%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.4.1%2Bds1-7?distro=trixie
purl	pkg:deb/debian/rsync@3.4.1%2Bds1-7?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.4.1%252Bds1-7%3Fdistro=trixie

aliases CVE-2016-9841

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-eyjp-7kks-jbfr

url VCID-f424-5j92-myab

vulnerability_id VCID-f424-5j92-myab

summary rsync: Mishandles archaic checksums

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15994.json

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15994.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-15994

reference_id

reference_type

scores

value	0.00128
scoring_system	epss
scoring_elements	0.32179
published_at	2026-04-01T12:55:00Z

value	0.00128
scoring_system	epss
scoring_elements	0.32196
published_at	2026-04-18T12:55:00Z

value	0.00128
scoring_system	epss
scoring_elements	0.32213
published_at	2026-04-12T12:55:00Z

value	0.00128
scoring_system	epss
scoring_elements	0.32183
published_at	2026-04-13T12:55:00Z

value	0.00128
scoring_system	epss
scoring_elements	0.32216
published_at	2026-04-16T12:55:00Z

value	0.00128
scoring_system	epss
scoring_elements	0.32312
published_at	2026-04-02T12:55:00Z

value	0.00128
scoring_system	epss
scoring_elements	0.3235
published_at	2026-04-04T12:55:00Z

value	0.00128
scoring_system	epss
scoring_elements	0.32174
published_at	2026-04-07T12:55:00Z

value	0.00128
scoring_system	epss
scoring_elements	0.32223
published_at	2026-04-08T12:55:00Z

value	0.00128
scoring_system	epss
scoring_elements	0.3225
published_at	2026-04-09T12:55:00Z

value	0.00128
scoring_system	epss
scoring_elements	0.32251
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-15994

reference_url	https://git.samba.org/?p=rsync.git%3Ba=commit%3Bh=7b8a4ecd6ff9cdf4e5d3850ebf822f1e989255b3
reference_id
reference_type
scores
url	https://git.samba.org/?p=rsync.git%3Ba=commit%3Bh=7b8a4ecd6ff9cdf4e5d3850ebf822f1e989255b3

reference_url	https://git.samba.org/?p=rsync.git%3Ba=commit%3Bh=9a480deec4d20277d8e20bc55515ef0640ca1e55
reference_id
reference_type
scores
url	https://git.samba.org/?p=rsync.git%3Ba=commit%3Bh=9a480deec4d20277d8e20bc55515ef0640ca1e55

reference_url	https://git.samba.org/?p=rsync.git%3Ba=commit%3Bh=c252546ceeb0925eb8a4061315e3ff0a8c55b48b
reference_id
reference_type
scores
url	https://git.samba.org/?p=rsync.git%3Ba=commit%3Bh=c252546ceeb0925eb8a4061315e3ff0a8c55b48b

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1515735
reference_id	1515735
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1515735

reference_url	https://security.archlinux.org/ASA-201801-21
reference_id	ASA-201801-21
reference_type
scores
url	https://security.archlinux.org/ASA-201801-21

reference_url

reference_id

AVG-542

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2017-15994

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:rsync::::::::
reference_id	cpe:2.3:a:samba:rsync::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:rsync::::::::

reference_url

reference_id

CVE-2017-15994

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-15994

fixed_packages

url	pkg:deb/debian/rsync@0?distro=trixie
purl	pkg:deb/debian/rsync@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@0%3Fdistro=trixie

url pkg:deb/debian/rsync@3.2.3-4%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/rsync@3.2.3-4%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4g3g-qmrg-tbf6

vulnerability	VCID-ua8q-v9qd-wqb5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.3-4%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.7-1%252Bdeb12u4%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.4.1%2Bds1-5%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/rsync@3.4.1%2Bds1-5%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.4.1%252Bds1-5%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.4.1%2Bds1-7?distro=trixie
purl	pkg:deb/debian/rsync@3.4.1%2Bds1-7?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.4.1%252Bds1-7%3Fdistro=trixie

aliases CVE-2017-15994

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f424-5j92-myab

url VCID-f6ja-7k85-j7aa

vulnerability_id VCID-f6ja-7k85-j7aa

summary

Multiple vulnerabilities have been found in rsync, the worst of
    which could allow remote attackers to write arbitrary files.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9512.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9512.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-9512

reference_id

reference_type

scores

value	0.08882
scoring_system	epss
scoring_elements	0.92571
published_at	2026-04-18T12:55:00Z

value	0.08882
scoring_system	epss
scoring_elements	0.92523
published_at	2026-04-01T12:55:00Z

value	0.08882
scoring_system	epss
scoring_elements	0.92528
published_at	2026-04-02T12:55:00Z

value	0.08882
scoring_system	epss
scoring_elements	0.92536
published_at	2026-04-04T12:55:00Z

value	0.08882
scoring_system	epss
scoring_elements	0.92538
published_at	2026-04-07T12:55:00Z

value	0.08882
scoring_system	epss
scoring_elements	0.92549
published_at	2026-04-08T12:55:00Z

value	0.08882
scoring_system	epss
scoring_elements	0.92554
published_at	2026-04-09T12:55:00Z

value	0.08882
scoring_system	epss
scoring_elements	0.9256
published_at	2026-04-13T12:55:00Z

value	0.08882
scoring_system	epss
scoring_elements	0.92561
published_at	2026-04-12T12:55:00Z

value	0.08882
scoring_system	epss
scoring_elements	0.92572
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-9512

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9512
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9512

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:N/I:C/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1293854
reference_id	1293854
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1293854

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778333
reference_id	778333
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778333

reference_url	https://security.gentoo.org/glsa/201605-04
reference_id	GLSA-201605-04
reference_type
scores
url	https://security.gentoo.org/glsa/201605-04

reference_url	https://usn.ubuntu.com/2879-1/
reference_id	USN-2879-1
reference_type
scores
url	https://usn.ubuntu.com/2879-1/

fixed_packages

url	pkg:deb/debian/rsync@3.1.1-3?distro=trixie
purl	pkg:deb/debian/rsync@3.1.1-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.1.1-3%3Fdistro=trixie

url pkg:deb/debian/rsync@3.2.3-4%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/rsync@3.2.3-4%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4g3g-qmrg-tbf6

vulnerability	VCID-ua8q-v9qd-wqb5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.3-4%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.7-1%252Bdeb12u4%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.4.1%2Bds1-5%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/rsync@3.4.1%2Bds1-5%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.4.1%252Bds1-5%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.4.1%2Bds1-7?distro=trixie
purl	pkg:deb/debian/rsync@3.4.1%2Bds1-7?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.4.1%252Bds1-7%3Fdistro=trixie

aliases CVE-2014-9512

risk_score 1.5

exploitability 0.5

weighted_severity 3.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f6ja-7k85-j7aa

url VCID-f9da-9x6z-kqcv

vulnerability_id VCID-f9da-9x6z-kqcv

summary

A buffer overflow in rsync might lead to the remote execution of arbitrary
    code when extended attributes are being used.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1720.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1720.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-1720

reference_id

reference_type

scores

value	0.08442
scoring_system	epss
scoring_elements	0.9231
published_at	2026-04-01T12:55:00Z

value	0.08442
scoring_system	epss
scoring_elements	0.92317
published_at	2026-04-02T12:55:00Z

value	0.08442
scoring_system	epss
scoring_elements	0.92323
published_at	2026-04-04T12:55:00Z

value	0.08442
scoring_system	epss
scoring_elements	0.92326
published_at	2026-04-07T12:55:00Z

value	0.08442
scoring_system	epss
scoring_elements	0.92337
published_at	2026-04-08T12:55:00Z

value	0.08442
scoring_system	epss
scoring_elements	0.92342
published_at	2026-04-09T12:55:00Z

value	0.08442
scoring_system	epss
scoring_elements	0.92347
published_at	2026-04-11T12:55:00Z

value	0.08442
scoring_system	epss
scoring_elements	0.92349
published_at	2026-04-12T12:55:00Z

value	0.08442
scoring_system	epss
scoring_elements	0.92346
published_at	2026-04-13T12:55:00Z

value	0.08442
scoring_system	epss
scoring_elements	0.92358
published_at	2026-04-16T12:55:00Z

value	0.08442
scoring_system	epss
scoring_elements	0.92357
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-1720

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1720
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1720

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=441683
reference_id	441683
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=441683

reference_url	https://security.gentoo.org/glsa/200804-16
reference_id	GLSA-200804-16
reference_type
scores
url	https://security.gentoo.org/glsa/200804-16

reference_url	https://usn.ubuntu.com/600-1/
reference_id	USN-600-1
reference_type
scores
url	https://usn.ubuntu.com/600-1/

fixed_packages

url	pkg:deb/debian/rsync@3.0.2-1?distro=trixie
purl	pkg:deb/debian/rsync@3.0.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.0.2-1%3Fdistro=trixie

url pkg:deb/debian/rsync@3.2.3-4%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/rsync@3.2.3-4%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4g3g-qmrg-tbf6

vulnerability	VCID-ua8q-v9qd-wqb5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.3-4%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.7-1%252Bdeb12u4%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.4.1%2Bds1-5%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/rsync@3.4.1%2Bds1-5%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.4.1%252Bds1-5%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.4.1%2Bds1-7?distro=trixie
purl	pkg:deb/debian/rsync@3.4.1%2Bds1-7?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.4.1%252Bds1-7%3Fdistro=trixie

aliases CVE-2008-1720

risk_score 0.1

exploitability 0.5

weighted_severity 0.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f9da-9x6z-kqcv

url VCID-h2jt-8ppk-nbh9

vulnerability_id VCID-h2jt-8ppk-nbh9

summary

Multiple vulnerabilities have been found in rsync, the worst of
    which could allow remote attackers to bypass access restrictions.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17433.json

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17433.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-17433

reference_id

reference_type

scores

value	0.01555
scoring_system	epss
scoring_elements	0.81371
published_at	2026-04-01T12:55:00Z

value	0.01555
scoring_system	epss
scoring_elements	0.81475
published_at	2026-04-18T12:55:00Z

value	0.01555
scoring_system	epss
scoring_elements	0.81435
published_at	2026-04-09T12:55:00Z

value	0.01555
scoring_system	epss
scoring_elements	0.81457
published_at	2026-04-11T12:55:00Z

value	0.01555
scoring_system	epss
scoring_elements	0.81444
published_at	2026-04-12T12:55:00Z

value	0.01555
scoring_system	epss
scoring_elements	0.81437
published_at	2026-04-13T12:55:00Z

value	0.01555
scoring_system	epss
scoring_elements	0.81474
published_at	2026-04-16T12:55:00Z

value	0.01555
scoring_system	epss
scoring_elements	0.8138
published_at	2026-04-02T12:55:00Z

value	0.01555
scoring_system	epss
scoring_elements	0.81403
published_at	2026-04-04T12:55:00Z

value	0.01555
scoring_system	epss
scoring_elements	0.81401
published_at	2026-04-07T12:55:00Z

value	0.01555
scoring_system	epss
scoring_elements	0.8143
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-17433

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1522874#c4
reference_id
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1522874#c4

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16548
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16548

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17433
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17433

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17434
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17434

reference_url	http://security.cucumberlinux.com/security/details.php?id=169
reference_id
reference_type
scores
url	http://security.cucumberlinux.com/security/details.php?id=169

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.9
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:S/C:P/I:P/A:N

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://git.samba.org/?p=rsync.git%3Ba=commit%3Bh=3e06d40029cfdce9d0f73d87cfd4edaf54be9c51
reference_id
reference_type
scores
url	https://git.samba.org/?p=rsync.git%3Ba=commit%3Bh=3e06d40029cfdce9d0f73d87cfd4edaf54be9c51

reference_url	https://lists.debian.org/debian-lts-announce/2017/12/msg00020.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2017/12/msg00020.html

reference_url	https://www.debian.org/security/2017/dsa-4068
reference_id
reference_type
scores
url	https://www.debian.org/security/2017/dsa-4068

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1522874
reference_id	1522874
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1522874

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883667
reference_id	883667
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883667

reference_url	https://security.archlinux.org/ASA-201801-21
reference_id	ASA-201801-21
reference_type
scores
url	https://security.archlinux.org/ASA-201801-21

reference_url

reference_id

AVG-542

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2017-17433

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:rsync:3.1.2:::::::*
reference_id	cpe:2.3:a:samba:rsync:3.1.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:rsync:3.1.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url

reference_id

CVE-2017-17433

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

value	3.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2017-17433

reference_url	https://security.gentoo.org/glsa/201801-16
reference_id	GLSA-201801-16
reference_type
scores
url	https://security.gentoo.org/glsa/201801-16

reference_url	https://usn.ubuntu.com/3506-1/
reference_id	USN-3506-1
reference_type
scores
url	https://usn.ubuntu.com/3506-1/

reference_url	https://usn.ubuntu.com/3506-2/
reference_id	USN-3506-2
reference_type
scores
url	https://usn.ubuntu.com/3506-2/

fixed_packages

url	pkg:deb/debian/rsync@3.1.2-2.1?distro=trixie
purl	pkg:deb/debian/rsync@3.1.2-2.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.1.2-2.1%3Fdistro=trixie

url pkg:deb/debian/rsync@3.2.3-4%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/rsync@3.2.3-4%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4g3g-qmrg-tbf6

vulnerability	VCID-ua8q-v9qd-wqb5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.3-4%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.7-1%252Bdeb12u4%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.4.1%2Bds1-5%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/rsync@3.4.1%2Bds1-5%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.4.1%252Bds1-5%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.4.1%2Bds1-7?distro=trixie
purl	pkg:deb/debian/rsync@3.4.1%2Bds1-7?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.4.1%252Bds1-7%3Fdistro=trixie

aliases CVE-2017-17433

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h2jt-8ppk-nbh9

url VCID-m6xx-a91r-sbhu

vulnerability_id VCID-m6xx-a91r-sbhu

summary

Multiple vulnerabilities have been found in rsync, the worst of
    which could result in a Denial of Service condition.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9842.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9842.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-9842

reference_id

reference_type

scores

value	0.12133
scoring_system	epss
scoring_elements	0.93832
published_at	2026-04-16T12:55:00Z

value	0.12133
scoring_system	epss
scoring_elements	0.93804
published_at	2026-04-09T12:55:00Z

value	0.12133
scoring_system	epss
scoring_elements	0.9377
published_at	2026-04-01T12:55:00Z

value	0.12133
scoring_system	epss
scoring_elements	0.93837
published_at	2026-04-18T12:55:00Z

value	0.12133
scoring_system	epss
scoring_elements	0.93809
published_at	2026-04-13T12:55:00Z

value	0.12133
scoring_system	epss
scoring_elements	0.93801
published_at	2026-04-08T12:55:00Z

value	0.12133
scoring_system	epss
scoring_elements	0.93793
published_at	2026-04-07T12:55:00Z

value	0.12133
scoring_system	epss
scoring_elements	0.93789
published_at	2026-04-04T12:55:00Z

value	0.12133
scoring_system	epss
scoring_elements	0.93779
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-9842

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9842
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9842

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.6
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:S/C:P/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1402348

reference_id

1402348

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=1402348

reference_url

http://www.openwall.com/lists/oss-security/2016/12/05/21

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/

url

http://www.openwall.com/lists/oss-security/2016/12/05/21

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847274
reference_id	847274
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847274

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924509
reference_id	924509
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924509

reference_url

http://www.securityfocus.com/bid/95131

reference_id

95131

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/

url

http://www.securityfocus.com/bid/95131

reference_url

https://wiki.mozilla.org/MOSS/Secure_Open_Source/Completed#zlib

reference_id

Completed#zlib

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/

url

https://wiki.mozilla.org/MOSS/Secure_Open_Source/Completed#zlib

reference_url

https://github.com/madler/zlib/commit/e54e1299404101a5a9d0cf5e45512b543967f958

reference_id

e54e1299404101a5a9d0cf5e45512b543967f958

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/

url

https://github.com/madler/zlib/commit/e54e1299404101a5a9d0cf5e45512b543967f958

reference_url

https://security.gentoo.org/glsa/201701-56

reference_id

GLSA-201701-56

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/

url

https://security.gentoo.org/glsa/201701-56

reference_url

https://security.gentoo.org/glsa/202007-54

reference_id

GLSA-202007-54

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/

url

https://security.gentoo.org/glsa/202007-54

reference_url

https://lists.debian.org/debian-lts-announce/2019/03/msg00027.html

reference_id

msg00027.html

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/

url

https://lists.debian.org/debian-lts-announce/2019/03/msg00027.html

reference_url

https://lists.debian.org/debian-lts-announce/2020/01/msg00030.html

reference_id

msg00030.html

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/

url

https://lists.debian.org/debian-lts-announce/2020/01/msg00030.html

reference_url

http://lists.opensuse.org/opensuse-updates/2017-01/msg00050.html

reference_id

msg00050.html

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/

url

http://lists.opensuse.org/opensuse-updates/2017-01/msg00050.html

reference_url

http://lists.opensuse.org/opensuse-updates/2017-01/msg00053.html

reference_id

msg00053.html

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/

url

http://lists.opensuse.org/opensuse-updates/2017-01/msg00053.html

reference_url

http://lists.opensuse.org/opensuse-updates/2016-12/msg00127.html

reference_id

msg00127.html

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/

url

http://lists.opensuse.org/opensuse-updates/2016-12/msg00127.html

reference_url

https://access.redhat.com/errata/RHSA-2017:1220

reference_id

RHSA-2017:1220

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/

url

https://access.redhat.com/errata/RHSA-2017:1220

reference_url

https://access.redhat.com/errata/RHSA-2017:1221

reference_id

RHSA-2017:1221

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/

url

https://access.redhat.com/errata/RHSA-2017:1221

reference_url

https://access.redhat.com/errata/RHSA-2017:1222

reference_id

RHSA-2017:1222

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/

url

https://access.redhat.com/errata/RHSA-2017:1222

reference_url

https://access.redhat.com/errata/RHSA-2017:2999

reference_id

RHSA-2017:2999

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/

url

https://access.redhat.com/errata/RHSA-2017:2999

reference_url

https://access.redhat.com/errata/RHSA-2017:3046

reference_id

RHSA-2017:3046

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/

url

https://access.redhat.com/errata/RHSA-2017:3046

reference_url

https://access.redhat.com/errata/RHSA-2017:3047

reference_id

RHSA-2017:3047

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/

url

https://access.redhat.com/errata/RHSA-2017:3047

reference_url

https://access.redhat.com/errata/RHSA-2017:3453

reference_id

RHSA-2017:3453

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/

url

https://access.redhat.com/errata/RHSA-2017:3453

reference_url

https://usn.ubuntu.com/4246-1/

reference_id

USN-4246-1

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/

url

https://usn.ubuntu.com/4246-1/

reference_url

https://usn.ubuntu.com/4292-1/

reference_id

USN-4292-1

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/

url

https://usn.ubuntu.com/4292-1/

reference_url

https://wiki.mozilla.org/images/0/09/Zlib-report.pdf

reference_id

Zlib-report.pdf

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/

url

https://wiki.mozilla.org/images/0/09/Zlib-report.pdf

fixed_packages

url	pkg:deb/debian/rsync@3.1.3-6?distro=trixie
purl	pkg:deb/debian/rsync@3.1.3-6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.1.3-6%3Fdistro=trixie

url pkg:deb/debian/rsync@3.2.3-4%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/rsync@3.2.3-4%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4g3g-qmrg-tbf6

vulnerability	VCID-ua8q-v9qd-wqb5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.3-4%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.7-1%252Bdeb12u4%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.4.1%2Bds1-5%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/rsync@3.4.1%2Bds1-5%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.4.1%252Bds1-5%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.4.1%2Bds1-7?distro=trixie
purl	pkg:deb/debian/rsync@3.4.1%2Bds1-7?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.4.1%252Bds1-7%3Fdistro=trixie

aliases CVE-2016-9842

risk_score 4.0

exploitability 0.5

weighted_severity 7.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m6xx-a91r-sbhu

url VCID-mr6h-6jrp-gyf3

vulnerability_id VCID-mr6h-6jrp-gyf3

summary

Multiple vulnerabilities have been found in rsync, the worst of
    which could result in a Denial of Service condition.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9840.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9840.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-9840

reference_id

reference_type

scores

value	0.13004
scoring_system	epss
scoring_elements	0.94041
published_at	2026-04-01T12:55:00Z

value	0.13004
scoring_system	epss
scoring_elements	0.94102
published_at	2026-04-18T12:55:00Z

value	0.13004
scoring_system	epss
scoring_elements	0.94081
published_at	2026-04-13T12:55:00Z

value	0.13004
scoring_system	epss
scoring_elements	0.94097
published_at	2026-04-16T12:55:00Z

value	0.13004
scoring_system	epss
scoring_elements	0.9405
published_at	2026-04-02T12:55:00Z

value	0.13004
scoring_system	epss
scoring_elements	0.9406
published_at	2026-04-04T12:55:00Z

value	0.13004
scoring_system	epss
scoring_elements	0.94064
published_at	2026-04-07T12:55:00Z

value	0.13004
scoring_system	epss
scoring_elements	0.94072
published_at	2026-04-08T12:55:00Z

value	0.13004
scoring_system	epss
scoring_elements	0.94076
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-9840

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9840
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9840

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.6
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:S/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1402345
reference_id	1402345
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1402345

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847270
reference_id	847270
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847270

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924509
reference_id	924509
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924509

reference_url	https://security.gentoo.org/glsa/201701-56
reference_id	GLSA-201701-56
reference_type
scores
url	https://security.gentoo.org/glsa/201701-56

reference_url	https://security.gentoo.org/glsa/202007-54
reference_id	GLSA-202007-54
reference_type
scores
url	https://security.gentoo.org/glsa/202007-54

reference_url	https://access.redhat.com/errata/RHSA-2017:1220
reference_id	RHSA-2017:1220
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:1220

reference_url	https://access.redhat.com/errata/RHSA-2017:1221
reference_id	RHSA-2017:1221
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:1221

reference_url	https://access.redhat.com/errata/RHSA-2017:1222
reference_id	RHSA-2017:1222
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:1222

reference_url	https://access.redhat.com/errata/RHSA-2017:2999
reference_id	RHSA-2017:2999
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2999

reference_url	https://access.redhat.com/errata/RHSA-2017:3046
reference_id	RHSA-2017:3046
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:3046

reference_url	https://access.redhat.com/errata/RHSA-2017:3047
reference_id	RHSA-2017:3047
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:3047

reference_url	https://access.redhat.com/errata/RHSA-2017:3453
reference_id	RHSA-2017:3453
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:3453

reference_url	https://access.redhat.com/errata/RHSA-2025:10541
reference_id	RHSA-2025:10541
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:10541

reference_url	https://access.redhat.com/errata/RHSA-2025:11048
reference_id	RHSA-2025:11048
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:11048

reference_url	https://access.redhat.com/errata/RHSA-2025:12013
reference_id	RHSA-2025:12013
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:12013

reference_url	https://access.redhat.com/errata/RHSA-2025:13947
reference_id	RHSA-2025:13947
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:13947

reference_url	https://access.redhat.com/errata/RHSA-2025:8284
reference_id	RHSA-2025:8284
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8284

reference_url	https://access.redhat.com/errata/RHSA-2025:8314
reference_id	RHSA-2025:8314
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8314

reference_url	https://access.redhat.com/errata/RHSA-2025:8395
reference_id	RHSA-2025:8395
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:8395

reference_url	https://usn.ubuntu.com/4246-1/
reference_id	USN-4246-1
reference_type
scores
url	https://usn.ubuntu.com/4246-1/

reference_url	https://usn.ubuntu.com/4292-1/
reference_id	USN-4292-1
reference_type
scores
url	https://usn.ubuntu.com/4292-1/

reference_url	https://usn.ubuntu.com/6736-1/
reference_id	USN-6736-1
reference_type
scores
url	https://usn.ubuntu.com/6736-1/

reference_url	https://usn.ubuntu.com/6736-2/
reference_id	USN-6736-2
reference_type
scores
url	https://usn.ubuntu.com/6736-2/

fixed_packages

url	pkg:deb/debian/rsync@3.1.3-6?distro=trixie
purl	pkg:deb/debian/rsync@3.1.3-6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.1.3-6%3Fdistro=trixie

url pkg:deb/debian/rsync@3.2.3-4%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/rsync@3.2.3-4%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4g3g-qmrg-tbf6

vulnerability	VCID-ua8q-v9qd-wqb5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.3-4%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.7-1%252Bdeb12u4%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.4.1%2Bds1-5%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/rsync@3.4.1%2Bds1-5%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.4.1%252Bds1-5%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.4.1%2Bds1-7?distro=trixie
purl	pkg:deb/debian/rsync@3.4.1%2Bds1-7?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.4.1%252Bds1-7%3Fdistro=trixie

aliases CVE-2016-9840

risk_score 4.0

exploitability 0.5

weighted_severity 7.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mr6h-6jrp-gyf3

url VCID-pfb2-95fp-7bbm

vulnerability_id VCID-pfb2-95fp-7bbm

summary

An attacker having write access to an rsync module might be able to execute
    arbitrary code on an rsync server.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-2083.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-2083.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2006-2083

reference_id

reference_type

scores

value	0.01506
scoring_system	epss
scoring_elements	0.81103
published_at	2026-04-01T12:55:00Z

value	0.01506
scoring_system	epss
scoring_elements	0.81112
published_at	2026-04-02T12:55:00Z

value	0.01506
scoring_system	epss
scoring_elements	0.81137
published_at	2026-04-04T12:55:00Z

value	0.01506
scoring_system	epss
scoring_elements	0.81135
published_at	2026-04-07T12:55:00Z

value	0.01506
scoring_system	epss
scoring_elements	0.81163
published_at	2026-04-08T12:55:00Z

value	0.01506
scoring_system	epss
scoring_elements	0.81169
published_at	2026-04-09T12:55:00Z

value	0.01506
scoring_system	epss
scoring_elements	0.81188
published_at	2026-04-11T12:55:00Z

value	0.01506
scoring_system	epss
scoring_elements	0.81175
published_at	2026-04-12T12:55:00Z

value	0.01506
scoring_system	epss
scoring_elements	0.81168
published_at	2026-04-13T12:55:00Z

value	0.01506
scoring_system	epss
scoring_elements	0.81205
published_at	2026-04-16T12:55:00Z

value	0.01506
scoring_system	epss
scoring_elements	0.81206
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2006-2083

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2083
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2083

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=190207
reference_id	190207
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=190207

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=365614
reference_id	365614
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=365614

reference_url	https://security.gentoo.org/glsa/200605-05
reference_id	GLSA-200605-05
reference_type
scores
url	https://security.gentoo.org/glsa/200605-05

fixed_packages

url	pkg:deb/debian/rsync@2.6.8-1?distro=trixie
purl	pkg:deb/debian/rsync@2.6.8-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@2.6.8-1%3Fdistro=trixie

url pkg:deb/debian/rsync@3.2.3-4%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/rsync@3.2.3-4%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4g3g-qmrg-tbf6

vulnerability	VCID-ua8q-v9qd-wqb5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.3-4%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.7-1%252Bdeb12u4%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.4.1%2Bds1-5%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/rsync@3.4.1%2Bds1-5%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.4.1%252Bds1-5%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.4.1%2Bds1-7?distro=trixie
purl	pkg:deb/debian/rsync@3.4.1%2Bds1-7?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.4.1%252Bds1-7%3Fdistro=trixie

aliases CVE-2006-2083

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pfb2-95fp-7bbm

url VCID-q576-uw5g-8kh3

vulnerability_id VCID-q576-uw5g-8kh3

summary Multiple vulnerabilities have been discovered in rsync, the worst of which could lead to arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12087.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12087.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-12087

reference_id

reference_type

scores

value	0.03189
scoring_system	epss
scoring_elements	0.87
published_at	2026-04-18T12:55:00Z

value	0.03189
scoring_system	epss
scoring_elements	0.86971
published_at	2026-04-08T12:55:00Z

value	0.03189
scoring_system	epss
scoring_elements	0.86978
published_at	2026-04-09T12:55:00Z

value	0.03189
scoring_system	epss
scoring_elements	0.86991
published_at	2026-04-11T12:55:00Z

value	0.03189
scoring_system	epss
scoring_elements	0.86986
published_at	2026-04-12T12:55:00Z

value	0.03189
scoring_system	epss
scoring_elements	0.8698
published_at	2026-04-13T12:55:00Z

value	0.03189
scoring_system	epss
scoring_elements	0.86996
published_at	2026-04-16T12:55:00Z

value	0.03189
scoring_system	epss
scoring_elements	0.86939
published_at	2026-04-02T12:55:00Z

value	0.03189
scoring_system	epss
scoring_elements	0.86957
published_at	2026-04-04T12:55:00Z

value	0.03189
scoring_system	epss
scoring_elements	0.86951
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-12087

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12087
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12087

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2330672

reference_id

2330672

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T14:12:12Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2330672

reference_url

reference_id

952657

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T14:12:12Z/

url

reference_url	https://security.archlinux.org/ASA-202501-1
reference_id	ASA-202501-1
reference_type
scores
url	https://security.archlinux.org/ASA-202501-1

reference_url

reference_id

AVG-2858

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/security/cve/CVE-2024-12087

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:1.14::el9
reference_id	cpe:/a:redhat:discovery:1.14::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:1.14::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
reference_id	cpe:/a:redhat:enterprise_linux:9::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
reference_id	cpe:/a:redhat:openshift:4
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream
reference_id	cpe:/a:redhat:rhel_e4s:9.0::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream
reference_id	cpe:/a:redhat:rhel_e4s:9.2::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream
reference_id	cpe:/a:redhat:rhel_eus:9.4::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id	cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0
reference_id	cpe:/o:redhat:enterprise_linux:10.0
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos
reference_id	cpe:/o:redhat:enterprise_linux:8::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
reference_id	cpe:/o:redhat:enterprise_linux:9::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos
reference_id	cpe:/o:redhat:rhel_aus:8.2::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos
reference_id	cpe:/o:redhat:rhel_aus:8.4::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos
reference_id	cpe:/o:redhat:rhel_aus:8.6::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos
reference_id	cpe:/o:redhat:rhel_e4s:8.6::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos
reference_id	cpe:/o:redhat:rhel_e4s:8.8::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos
reference_id	cpe:/o:redhat:rhel_e4s:9.0::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos
reference_id	cpe:/o:redhat:rhel_e4s:9.2::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6
reference_id	cpe:/o:redhat:rhel_els:6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7
reference_id	cpe:/o:redhat:rhel_els:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos
reference_id	cpe:/o:redhat:rhel_eus:9.4::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus_long_life:8.4::baseos
reference_id	cpe:/o:redhat:rhel_eus_long_life:8.4::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus_long_life:8.4::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos
reference_id	cpe:/o:redhat:rhel_tus:8.6::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.8::baseos
reference_id	cpe:/o:redhat:rhel_tus:8.8::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.8::baseos

reference_url

reference_id

CVE-2024-12087

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T14:12:12Z/

url

https://access.redhat.com/security/cve/CVE-2024-12087

reference_url	https://security.gentoo.org/glsa/202501-01
reference_id	GLSA-202501-01
reference_type
scores
url	https://security.gentoo.org/glsa/202501-01

reference_url

reference_id

RHBA-2025:6470

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T14:12:12Z/

url

https://access.redhat.com/errata/RHSA-2025:23154

reference_url

reference_id

RHSA-2025:23154

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T14:12:12Z/

url

https://access.redhat.com/errata/RHSA-2025:23154

reference_url

https://access.redhat.com/errata/RHSA-2025:23235

reference_id

RHSA-2025:23235

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T14:12:12Z/

url

https://access.redhat.com/errata/RHSA-2025:23235

reference_url

https://access.redhat.com/errata/RHSA-2025:23407

reference_id

RHSA-2025:23407

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T14:12:12Z/

url

https://access.redhat.com/errata/RHSA-2025:23407

reference_url

https://access.redhat.com/errata/RHSA-2025:23415

reference_id

RHSA-2025:23415

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T14:12:12Z/

url

https://access.redhat.com/errata/RHSA-2025:23415

reference_url

https://access.redhat.com/errata/RHSA-2025:23416

reference_id

RHSA-2025:23416

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T14:12:12Z/

url

https://access.redhat.com/errata/RHSA-2025:23416

reference_url

https://access.redhat.com/errata/RHSA-2025:23842

reference_id

RHSA-2025:23842

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T14:12:12Z/

url

https://access.redhat.com/errata/RHSA-2025:23842

reference_url

https://access.redhat.com/errata/RHSA-2025:23853

reference_id

RHSA-2025:23853

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T14:12:12Z/

url

https://access.redhat.com/errata/RHSA-2025:23853

reference_url

https://access.redhat.com/errata/RHSA-2025:23854

reference_id

RHSA-2025:23854

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T14:12:12Z/

url

https://access.redhat.com/errata/RHSA-2025:23854

reference_url

https://access.redhat.com/errata/RHSA-2025:23858

reference_id

RHSA-2025:23858

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T14:12:12Z/

url

https://access.redhat.com/errata/RHSA-2025:23858

reference_url

reference_id

RHSA-2025:2600

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T14:12:12Z/

url

reference_url

reference_id

RHSA-2025:7050

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T14:12:12Z/

url

reference_url

reference_id

RHSA-2025:8385

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T14:12:12Z/

url

https://api.first.org/data/v1/epss?cve=CVE-2011-1097

reference_url	https://usn.ubuntu.com/7206-1/
reference_id	USN-7206-1
reference_type
scores
url	https://usn.ubuntu.com/7206-1/

reference_url	https://usn.ubuntu.com/7206-3/
reference_id	USN-7206-3
reference_type
scores
url	https://usn.ubuntu.com/7206-3/

fixed_packages

url pkg:deb/debian/rsync@3.2.3-4%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/rsync@3.2.3-4%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4g3g-qmrg-tbf6

vulnerability	VCID-ua8q-v9qd-wqb5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.3-4%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.2.3-4%2Bdeb11u2?distro=trixie
purl	pkg:deb/debian/rsync@3.2.3-4%2Bdeb11u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.3-4%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.7-1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.7-1%252Bdeb12u4%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.3.0%2Bds1-3?distro=trixie
purl	pkg:deb/debian/rsync@3.3.0%2Bds1-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.3.0%252Bds1-3%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.4.1%2Bds1-5%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/rsync@3.4.1%2Bds1-5%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.4.1%252Bds1-5%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.4.1%2Bds1-7?distro=trixie
purl	pkg:deb/debian/rsync@3.4.1%2Bds1-7?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.4.1%252Bds1-7%3Fdistro=trixie

aliases CVE-2024-12087

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q576-uw5g-8kh3

url VCID-qwud-4v7w-43dv

vulnerability_id VCID-qwud-4v7w-43dv

summary

This GLSA contains notification of vulnerabilities found in several
    Gentoo packages which have been fixed prior to January 1, 2012. The worst
    of these vulnerabilities could lead to local privilege escalation and
    remote code execution. Please see the package list and CVE identifiers
    below for more information.

references

reference_url	http://gitweb.samba.org/?p=rsync.git%3Ba=commit%3Bh=83b94efa6b60a3ff5eee4c5f7812c617a90a03f6
reference_id
reference_type
scores
url	http://gitweb.samba.org/?p=rsync.git%3Ba=commit%3Bh=83b94efa6b60a3ff5eee4c5f7812c617a90a03f6

reference_url	http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057641.html
reference_id
reference_type
scores
url	http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057641.html

reference_url	http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057736.html
reference_id
reference_type
scores
url	http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057736.html

reference_url	http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057737.html
reference_id
reference_type
scores
url	http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057737.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html

reference_url	http://lists.samba.org/archive/rsync/2011-January/025988.html
reference_id
reference_type
scores
url	http://lists.samba.org/archive/rsync/2011-January/025988.html

reference_url	http://marc.info/?l=bugtraq&m=133226187115472&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=bugtraq&m=133226187115472&w=2

reference_url	http://rsync.samba.org/ftp/rsync/src/rsync-3.0.8-NEWS
reference_id
reference_type
scores
url	http://rsync.samba.org/ftp/rsync/src/rsync-3.0.8-NEWS

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1097.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1097.json

reference_url

reference_id

reference_type

scores

value	0.01623
scoring_system	epss
scoring_elements	0.81876
published_at	2026-04-18T12:55:00Z

value	0.01623
scoring_system	epss
scoring_elements	0.81774
published_at	2026-04-01T12:55:00Z

value	0.01623
scoring_system	epss
scoring_elements	0.81784
published_at	2026-04-02T12:55:00Z

value	0.01623
scoring_system	epss
scoring_elements	0.81807
published_at	2026-04-04T12:55:00Z

value	0.01623
scoring_system	epss
scoring_elements	0.81804
published_at	2026-04-07T12:55:00Z

value	0.01623
scoring_system	epss
scoring_elements	0.81831
published_at	2026-04-08T12:55:00Z

value	0.01623
scoring_system	epss
scoring_elements	0.81838
published_at	2026-04-09T12:55:00Z

value	0.01623
scoring_system	epss
scoring_elements	0.81857
published_at	2026-04-11T12:55:00Z

value	0.01623
scoring_system	epss
scoring_elements	0.81845
published_at	2026-04-12T12:55:00Z

value	0.01623
scoring_system	epss
scoring_elements	0.81839
published_at	2026-04-13T12:55:00Z

value	0.01623
scoring_system	epss
scoring_elements	0.81875
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-1097

reference_url	https://bugzilla.samba.org/show_bug.cgi?id=7936
reference_id
reference_type
scores
url	https://bugzilla.samba.org/show_bug.cgi?id=7936

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1097
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1097

reference_url	http://secunia.com/advisories/44071
reference_id
reference_type
scores
url	http://secunia.com/advisories/44071

reference_url	http://secunia.com/advisories/44088
reference_id
reference_type
scores
url	http://secunia.com/advisories/44088

reference_url	http://securitytracker.com/id?1025256
reference_id
reference_type
scores
url	http://securitytracker.com/id?1025256

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2011:066
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2011:066

reference_url	http://www.redhat.com/support/errata/RHSA-2011-0390.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2011-0390.html

reference_url	http://www.vupen.com/english/advisories/2011/0792
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2011/0792

reference_url	http://www.vupen.com/english/advisories/2011/0793
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2011/0793

reference_url	http://www.vupen.com/english/advisories/2011/0873
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2011/0873

reference_url	http://www.vupen.com/english/advisories/2011/0876
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2011/0876

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=621866
reference_id	621866
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=621866

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=675036
reference_id	675036
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=675036

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:rsync:3.0.0:::::::*
reference_id	cpe:2.3:a:samba:rsync:3.0.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:rsync:3.0.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:rsync:3.0.1:::::::*
reference_id	cpe:2.3:a:samba:rsync:3.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:rsync:3.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:rsync:3.0.2:::::::*
reference_id	cpe:2.3:a:samba:rsync:3.0.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:rsync:3.0.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:rsync:3.0.3:::::::*
reference_id	cpe:2.3:a:samba:rsync:3.0.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:rsync:3.0.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:rsync:3.0.4:::::::*
reference_id	cpe:2.3:a:samba:rsync:3.0.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:rsync:3.0.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:rsync:3.0.5:::::::*
reference_id	cpe:2.3:a:samba:rsync:3.0.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:rsync:3.0.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:rsync:3.0.6:::::::*
reference_id	cpe:2.3:a:samba:rsync:3.0.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:rsync:3.0.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:rsync:3.0.7:::::::*
reference_id	cpe:2.3:a:samba:rsync:3.0.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:samba:rsync:3.0.7:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2011-1097

reference_id

CVE-2011-1097

reference_type

scores

value	5.1
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:P/I:P/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2011-1097

reference_url	https://security.gentoo.org/glsa/201412-09
reference_id	GLSA-201412-09
reference_type
scores
url	https://security.gentoo.org/glsa/201412-09

reference_url	https://access.redhat.com/errata/RHSA-2011:0390
reference_id	RHSA-2011:0390
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2011:0390

reference_url	https://usn.ubuntu.com/1124-1/
reference_id	USN-1124-1
reference_type
scores
url	https://usn.ubuntu.com/1124-1/

fixed_packages

url	pkg:deb/debian/rsync@3.0.8?distro=trixie
purl	pkg:deb/debian/rsync@3.0.8?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.0.8%3Fdistro=trixie

url pkg:deb/debian/rsync@3.2.3-4%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/rsync@3.2.3-4%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4g3g-qmrg-tbf6

vulnerability	VCID-ua8q-v9qd-wqb5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.3-4%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.7-1%252Bdeb12u4%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.4.1%2Bds1-5%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/rsync@3.4.1%2Bds1-5%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.4.1%252Bds1-5%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.4.1%2Bds1-7?distro=trixie
purl	pkg:deb/debian/rsync@3.4.1%2Bds1-7?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.4.1%252Bds1-7%3Fdistro=trixie

aliases CVE-2011-1097

risk_score 2.3

exploitability 0.5

weighted_severity 4.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qwud-4v7w-43dv

url VCID-rp3f-utn4-ubb7

vulnerability_id VCID-rp3f-utn4-ubb7

summary security flaw

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0962.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0962.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2003-0962

reference_id

reference_type

scores

value	0.44259
scoring_system	epss
scoring_elements	0.97529
published_at	2026-04-01T12:55:00Z

value	0.44259
scoring_system	epss
scoring_elements	0.97534
published_at	2026-04-02T12:55:00Z

value	0.44259
scoring_system	epss
scoring_elements	0.97537
published_at	2026-04-04T12:55:00Z

value	0.44259
scoring_system	epss
scoring_elements	0.97538
published_at	2026-04-07T12:55:00Z

value	0.44259
scoring_system	epss
scoring_elements	0.97544
published_at	2026-04-08T12:55:00Z

value	0.44259
scoring_system	epss
scoring_elements	0.97545
published_at	2026-04-09T12:55:00Z

value	0.44259
scoring_system	epss
scoring_elements	0.97548
published_at	2026-04-11T12:55:00Z

value	0.44259
scoring_system	epss
scoring_elements	0.97551
published_at	2026-04-12T12:55:00Z

value	0.44259
scoring_system	epss
scoring_elements	0.97552
published_at	2026-04-13T12:55:00Z

value	0.44259
scoring_system	epss
scoring_elements	0.9756
published_at	2026-04-16T12:55:00Z

value	0.44259
scoring_system	epss
scoring_elements	0.97562
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2003-0962

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0962
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0962

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1617105
reference_id	1617105
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1617105

reference_url	https://access.redhat.com/errata/RHSA-2003:398
reference_id	RHSA-2003:398
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2003:398

reference_url	https://access.redhat.com/errata/RHSA-2003:399
reference_id	RHSA-2003:399
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2003:399

fixed_packages

url	pkg:deb/debian/rsync@2.5.6-1.1?distro=trixie
purl	pkg:deb/debian/rsync@2.5.6-1.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@2.5.6-1.1%3Fdistro=trixie

url pkg:deb/debian/rsync@3.2.3-4%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/rsync@3.2.3-4%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4g3g-qmrg-tbf6

vulnerability	VCID-ua8q-v9qd-wqb5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.3-4%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.7-1%252Bdeb12u4%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.4.1%2Bds1-5%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/rsync@3.4.1%2Bds1-5%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.4.1%252Bds1-5%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.4.1%2Bds1-7?distro=trixie
purl	pkg:deb/debian/rsync@3.4.1%2Bds1-7?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.4.1%252Bds1-7%3Fdistro=trixie

aliases CVE-2003-0962

risk_score 0.2

exploitability 0.5

weighted_severity 0.4

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rp3f-utn4-ubb7

url VCID-smft-ms93-6kf1

vulnerability_id VCID-smft-ms93-6kf1

summary

Multiple vulnerabilities have been found in rsync, the worst of
    which could result in a Denial of Service condition.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9843.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9843.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-9843

reference_id

reference_type

scores

value	0.15071
scoring_system	epss
scoring_elements	0.9454
published_at	2026-04-01T12:55:00Z

value	0.15071
scoring_system	epss
scoring_elements	0.94547
published_at	2026-04-02T12:55:00Z

value	0.15071
scoring_system	epss
scoring_elements	0.94555
published_at	2026-04-04T12:55:00Z

value	0.15071
scoring_system	epss
scoring_elements	0.94557
published_at	2026-04-07T12:55:00Z

value	0.15071
scoring_system	epss
scoring_elements	0.94567
published_at	2026-04-08T12:55:00Z

value	0.15071
scoring_system	epss
scoring_elements	0.94571
published_at	2026-04-09T12:55:00Z

value	0.15071
scoring_system	epss
scoring_elements	0.94575
published_at	2026-04-11T12:55:00Z

value	0.15071
scoring_system	epss
scoring_elements	0.94577
published_at	2026-04-12T12:55:00Z

value	0.15071
scoring_system	epss
scoring_elements	0.94578
published_at	2026-04-13T12:55:00Z

value	0.15071
scoring_system	epss
scoring_elements	0.9459
published_at	2026-04-16T12:55:00Z

value	0.15071
scoring_system	epss
scoring_elements	0.94595
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-9843

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9843
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9843

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.6
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:S/C:P/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1402351
reference_id	1402351
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1402351

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847275
reference_id	847275
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847275

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924509
reference_id	924509
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924509

reference_url	https://security.gentoo.org/glsa/201701-56
reference_id	GLSA-201701-56
reference_type
scores
url	https://security.gentoo.org/glsa/201701-56

reference_url	https://security.gentoo.org/glsa/202007-54
reference_id	GLSA-202007-54
reference_type
scores
url	https://security.gentoo.org/glsa/202007-54

reference_url	https://access.redhat.com/errata/RHSA-2017:1220
reference_id	RHSA-2017:1220
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:1220

reference_url	https://access.redhat.com/errata/RHSA-2017:1221
reference_id	RHSA-2017:1221
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:1221

reference_url	https://access.redhat.com/errata/RHSA-2017:1222
reference_id	RHSA-2017:1222
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:1222

reference_url	https://access.redhat.com/errata/RHSA-2017:2999
reference_id	RHSA-2017:2999
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2999

reference_url	https://access.redhat.com/errata/RHSA-2017:3046
reference_id	RHSA-2017:3046
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:3046

reference_url	https://access.redhat.com/errata/RHSA-2017:3047
reference_id	RHSA-2017:3047
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:3047

reference_url	https://access.redhat.com/errata/RHSA-2017:3453
reference_id	RHSA-2017:3453
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:3453

reference_url	https://usn.ubuntu.com/4246-1/
reference_id	USN-4246-1
reference_type
scores
url	https://usn.ubuntu.com/4246-1/

reference_url	https://usn.ubuntu.com/4292-1/
reference_id	USN-4292-1
reference_type
scores
url	https://usn.ubuntu.com/4292-1/

reference_url	https://usn.ubuntu.com/7959-1/
reference_id	USN-7959-1
reference_type
scores
url	https://usn.ubuntu.com/7959-1/

fixed_packages

url	pkg:deb/debian/rsync@3.1.3-6?distro=trixie
purl	pkg:deb/debian/rsync@3.1.3-6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.1.3-6%3Fdistro=trixie

url pkg:deb/debian/rsync@3.2.3-4%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/rsync@3.2.3-4%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4g3g-qmrg-tbf6

vulnerability	VCID-ua8q-v9qd-wqb5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.3-4%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.7-1%252Bdeb12u4%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.4.1%2Bds1-5%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/rsync@3.4.1%2Bds1-5%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.4.1%252Bds1-5%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.4.1%2Bds1-7?distro=trixie
purl	pkg:deb/debian/rsync@3.4.1%2Bds1-7?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.4.1%252Bds1-7%3Fdistro=trixie

aliases CVE-2016-9843

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-smft-ms93-6kf1

url VCID-su3r-5r3f-fbfr

vulnerability_id VCID-su3r-5r3f-fbfr

summary security flaw

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0426.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0426.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2004-0426

reference_id

reference_type

scores

value	0.03446
scoring_system	epss
scoring_elements	0.87438
published_at	2026-04-01T12:55:00Z

value	0.03446
scoring_system	epss
scoring_elements	0.87448
published_at	2026-04-02T12:55:00Z

value	0.03446
scoring_system	epss
scoring_elements	0.87462
published_at	2026-04-04T12:55:00Z

value	0.03446
scoring_system	epss
scoring_elements	0.87463
published_at	2026-04-07T12:55:00Z

value	0.03446
scoring_system	epss
scoring_elements	0.87483
published_at	2026-04-08T12:55:00Z

value	0.03446
scoring_system	epss
scoring_elements	0.87489
published_at	2026-04-09T12:55:00Z

value	0.03446
scoring_system	epss
scoring_elements	0.875
published_at	2026-04-11T12:55:00Z

value	0.03446
scoring_system	epss
scoring_elements	0.87496
published_at	2026-04-12T12:55:00Z

value	0.03446
scoring_system	epss
scoring_elements	0.87493
published_at	2026-04-13T12:55:00Z

value	0.03446
scoring_system	epss
scoring_elements	0.87508
published_at	2026-04-16T12:55:00Z

value	0.03446
scoring_system	epss
scoring_elements	0.8751
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2004-0426

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0426
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0426

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1617206
reference_id	1617206
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1617206

reference_url	https://access.redhat.com/errata/RHSA-2004:192
reference_id	RHSA-2004:192
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2004:192

fixed_packages

url	pkg:deb/debian/rsync@2.6.1-1?distro=trixie
purl	pkg:deb/debian/rsync@2.6.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@2.6.1-1%3Fdistro=trixie

url pkg:deb/debian/rsync@3.2.3-4%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/rsync@3.2.3-4%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4g3g-qmrg-tbf6

vulnerability	VCID-ua8q-v9qd-wqb5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.3-4%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.7-1%252Bdeb12u4%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.4.1%2Bds1-5%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/rsync@3.4.1%2Bds1-5%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.4.1%252Bds1-5%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.4.1%2Bds1-7?distro=trixie
purl	pkg:deb/debian/rsync@3.4.1%2Bds1-7?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.4.1%252Bds1-7%3Fdistro=trixie

aliases CVE-2004-0426

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-su3r-5r3f-fbfr

url VCID-ty4c-hwkm-uqes

vulnerability_id VCID-ty4c-hwkm-uqes

summary

rsync fails to properly sanitize paths. This vulnerability could allow the
    listing of arbitrary files and allow file overwriting outside module's path
    on rsync server configurations that allow uploading.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0792.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0792.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2004-0792

reference_id

reference_type

scores

value	0.00839
scoring_system	epss
scoring_elements	0.74641
published_at	2026-04-01T12:55:00Z

value	0.00839
scoring_system	epss
scoring_elements	0.74645
published_at	2026-04-02T12:55:00Z

value	0.00839
scoring_system	epss
scoring_elements	0.74671
published_at	2026-04-04T12:55:00Z

value	0.00839
scoring_system	epss
scoring_elements	0.74646
published_at	2026-04-07T12:55:00Z

value	0.00839
scoring_system	epss
scoring_elements	0.74677
published_at	2026-04-08T12:55:00Z

value	0.00839
scoring_system	epss
scoring_elements	0.74692
published_at	2026-04-09T12:55:00Z

value	0.00839
scoring_system	epss
scoring_elements	0.74715
published_at	2026-04-11T12:55:00Z

value	0.00839
scoring_system	epss
scoring_elements	0.74695
published_at	2026-04-12T12:55:00Z

value	0.00839
scoring_system	epss
scoring_elements	0.74687
published_at	2026-04-13T12:55:00Z

value	0.00839
scoring_system	epss
scoring_elements	0.74724
published_at	2026-04-16T12:55:00Z

value	0.00839
scoring_system	epss
scoring_elements	0.74731
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2004-0792

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0792
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0792

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1617292
reference_id	1617292
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1617292

reference_url	https://security.gentoo.org/glsa/200408-17
reference_id	GLSA-200408-17
reference_type
scores
url	https://security.gentoo.org/glsa/200408-17

reference_url	https://access.redhat.com/errata/RHSA-2004:436
reference_id	RHSA-2004:436
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2004:436

fixed_packages

url	pkg:deb/debian/rsync@2.6.2-3?distro=trixie
purl	pkg:deb/debian/rsync@2.6.2-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@2.6.2-3%3Fdistro=trixie

url pkg:deb/debian/rsync@3.2.3-4%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/rsync@3.2.3-4%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4g3g-qmrg-tbf6

vulnerability	VCID-ua8q-v9qd-wqb5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.3-4%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.7-1%252Bdeb12u4%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.4.1%2Bds1-5%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/rsync@3.4.1%2Bds1-5%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.4.1%252Bds1-5%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.4.1%2Bds1-7?distro=trixie
purl	pkg:deb/debian/rsync@3.4.1%2Bds1-7?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.4.1%252Bds1-7%3Fdistro=trixie

aliases CVE-2004-0792

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ty4c-hwkm-uqes

url VCID-ua8q-v9qd-wqb5

vulnerability_id VCID-ua8q-v9qd-wqb5

summary rsync: Rsync: Out of bounds array access via negative index

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-10158.json

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-10158.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-10158

reference_id

reference_type

scores

value	0.00053
scoring_system	epss
scoring_elements	0.1658
published_at	2026-04-18T12:55:00Z

value	0.00055
scoring_system	epss
scoring_elements	0.17269
published_at	2026-04-16T12:55:00Z

value	0.00065
scoring_system	epss
scoring_elements	0.20307
published_at	2026-04-02T12:55:00Z

value	0.00065
scoring_system	epss
scoring_elements	0.2017
published_at	2026-04-08T12:55:00Z

value	0.00065
scoring_system	epss
scoring_elements	0.20228
published_at	2026-04-09T12:55:00Z

value	0.00065
scoring_system	epss
scoring_elements	0.20252
published_at	2026-04-11T12:55:00Z

value	0.00065
scoring_system	epss
scoring_elements	0.20207
published_at	2026-04-12T12:55:00Z

value	0.00065
scoring_system	epss
scoring_elements	0.20147
published_at	2026-04-13T12:55:00Z

value	0.00065
scoring_system	epss
scoring_elements	0.20366
published_at	2026-04-04T12:55:00Z

value	0.00065
scoring_system	epss
scoring_elements	0.20089
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-10158

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10158
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10158

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121442
reference_id	1121442
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121442

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2415637
reference_id	2415637
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2415637

reference_url

https://github.com/RsyncProject/rsync/commit/797e17fc4a6f15e3b1756538a9f812b63942686f

reference_id

797e17fc4a6f15e3b1756538a9f812b63942686f

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-19T16:15:02Z/

url

https://github.com/RsyncProject/rsync/commit/797e17fc4a6f15e3b1756538a9f812b63942686f

reference_url

https://attackerkb.com/assessments/fbacb2a6-d1cd-4011-bb3a-f06b1c8306b1

reference_id

fbacb2a6-d1cd-4011-bb3a-f06b1c8306b1

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-19T16:15:02Z/

url

https://attackerkb.com/assessments/fbacb2a6-d1cd-4011-bb3a-f06b1c8306b1

reference_url	https://access.redhat.com/errata/RHSA-2026:6390
reference_id	RHSA-2026:6390
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6390

reference_url	https://access.redhat.com/errata/RHSA-2026:6436
reference_id	RHSA-2026:6436
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6436

reference_url	https://access.redhat.com/errata/RHSA-2026:6825
reference_id	RHSA-2026:6825
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:6825

fixed_packages

url	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.7-1%252Bdeb12u4%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.4.1%2Bds1-5%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/rsync@3.4.1%2Bds1-5%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.4.1%252Bds1-5%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.4.1%2Bds1-7?distro=trixie
purl	pkg:deb/debian/rsync@3.4.1%2Bds1-7?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.4.1%252Bds1-7%3Fdistro=trixie

aliases CVE-2025-10158

risk_score 1.9

exploitability 0.5

weighted_severity 3.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ua8q-v9qd-wqb5

url VCID-vc17-vd6v-r3az

vulnerability_id VCID-vc17-vd6v-r3az

summary Multiple vulnerabilities have been discovered in rsync, the worst of which could lead to arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12084.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12084.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-12084

reference_id

reference_type

scores

value	0.03461
scoring_system	epss
scoring_elements	0.87545
published_at	2026-04-18T12:55:00Z

value	0.03461
scoring_system	epss
scoring_elements	0.8752
published_at	2026-04-08T12:55:00Z

value	0.03461
scoring_system	epss
scoring_elements	0.87527
published_at	2026-04-09T12:55:00Z

value	0.03461
scoring_system	epss
scoring_elements	0.87538
published_at	2026-04-11T12:55:00Z

value	0.03461
scoring_system	epss
scoring_elements	0.87534
published_at	2026-04-12T12:55:00Z

value	0.03461
scoring_system	epss
scoring_elements	0.8753
published_at	2026-04-13T12:55:00Z

value	0.03461
scoring_system	epss
scoring_elements	0.87544
published_at	2026-04-16T12:55:00Z

value	0.03461
scoring_system	epss
scoring_elements	0.87485
published_at	2026-04-02T12:55:00Z

value	0.03461
scoring_system	epss
scoring_elements	0.87498
published_at	2026-04-04T12:55:00Z

value	0.03461
scoring_system	epss
scoring_elements	0.87501
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-12084

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2330527

reference_id

2330527

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-02-27T04:55:13Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2330527

reference_url

reference_id

952657

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-02-27T04:55:13Z/

url

reference_url	https://security.archlinux.org/ASA-202501-1
reference_id	ASA-202501-1
reference_type
scores
url	https://security.archlinux.org/ASA-202501-1

reference_url

reference_id

AVG-2858

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/security/cve/CVE-2024-12084

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
reference_id	cpe:/a:redhat:openshift:4
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0
reference_id	cpe:/o:redhat:enterprise_linux:10.0
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id	cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id	cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
reference_id	cpe:/o:redhat:enterprise_linux:9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9

reference_url

reference_id

CVE-2024-12084

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-02-27T04:55:13Z/

url

https://access.redhat.com/security/cve/CVE-2024-12084

reference_url	https://security.gentoo.org/glsa/202501-01
reference_id	GLSA-202501-01
reference_type
scores
url	https://security.gentoo.org/glsa/202501-01

reference_url

reference_id

RHBA-2025:6470

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-02-27T04:55:13Z/

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12085.json

reference_url	https://usn.ubuntu.com/7206-1/
reference_id	USN-7206-1
reference_type
scores
url	https://usn.ubuntu.com/7206-1/

reference_url	https://usn.ubuntu.com/7206-3/
reference_id	USN-7206-3
reference_type
scores
url	https://usn.ubuntu.com/7206-3/

fixed_packages

url	pkg:deb/debian/rsync@0?distro=trixie
purl	pkg:deb/debian/rsync@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@0%3Fdistro=trixie

url pkg:deb/debian/rsync@3.2.3-4%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/rsync@3.2.3-4%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4g3g-qmrg-tbf6

vulnerability	VCID-ua8q-v9qd-wqb5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.3-4%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.7-1%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4?distro=trixie
purl	pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.7-1%252Bdeb12u4%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.3.0%2Bds1-3?distro=trixie
purl	pkg:deb/debian/rsync@3.3.0%2Bds1-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.3.0%252Bds1-3%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.4.1%2Bds1-5%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/rsync@3.4.1%2Bds1-5%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.4.1%252Bds1-5%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/rsync@3.4.1%2Bds1-7?distro=trixie
purl	pkg:deb/debian/rsync@3.4.1%2Bds1-7?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.4.1%252Bds1-7%3Fdistro=trixie

aliases CVE-2024-12084

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vc17-vd6v-r3az

url VCID-y5ep-xtwr-ckg6

vulnerability_id VCID-y5ep-xtwr-ckg6

summary Multiple vulnerabilities have been discovered in rsync, the worst of which could lead to arbitrary code execution.

references

reference_url

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12085.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-12085

reference_id

reference_type

scores

value	0.19143
scoring_system	epss
scoring_elements	0.95363
published_at	2026-04-18T12:55:00Z

value	0.19143
scoring_system	epss
scoring_elements	0.95335
published_at	2026-04-07T12:55:00Z

value	0.19143
scoring_system	epss
scoring_elements	0.95342
published_at	2026-04-08T12:55:00Z

value	0.19143
scoring_system	epss
scoring_elements	0.95345
published_at	2026-04-09T12:55:00Z

value	0.19143
scoring_system	epss
scoring_elements	0.9535
published_at	2026-04-12T12:55:00Z

value	0.19143
scoring_system	epss
scoring_elements	0.95352
published_at	2026-04-13T12:55:00Z

value	0.19143
scoring_system	epss
scoring_elements	0.9536
published_at	2026-04-16T12:55:00Z

value	0.19143
scoring_system	epss
scoring_elements	0.95324
published_at	2026-04-02T12:55:00Z

value	0.19143
scoring_system	epss
scoring_elements	0.9533
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-12085

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12085
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12085

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2330539

reference_id

2330539

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-27T04:55:14Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2330539

reference_url

reference_id

952657

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-27T04:55:14Z/

url

reference_url	https://security.archlinux.org/ASA-202501-1
reference_id	ASA-202501-1
reference_type
scores
url	https://security.archlinux.org/ASA-202501-1

reference_url

reference_id

AVG-2858

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/security/cve/CVE-2024-12085

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
reference_id	cpe:/a:redhat:enterprise_linux:9::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:logging:5.8::el9
reference_id	cpe:/a:redhat:logging:5.8::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:logging:5.8::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:logging:5.9::el9
reference_id	cpe:/a:redhat:logging:5.9::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:logging:5.9::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.12::el8
reference_id	cpe:/a:redhat:openshift:4.12::el8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.12::el8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el8
reference_id	cpe:/a:redhat:openshift:4.13::el8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9
reference_id	cpe:/a:redhat:openshift:4.13::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el8
reference_id	cpe:/a:redhat:openshift:4.14::el8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el9
reference_id	cpe:/a:redhat:openshift:4.14::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el8
reference_id	cpe:/a:redhat:openshift:4.15::el8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el9
reference_id	cpe:/a:redhat:openshift:4.15::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el9
reference_id	cpe:/a:redhat:openshift:4.16::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.17::el9
reference_id	cpe:/a:redhat:openshift:4.17::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.17::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_compliance_operator:1::el9
reference_id	cpe:/a:redhat:openshift_compliance_operator:1::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_compliance_operator:1::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream
reference_id	cpe:/a:redhat:rhel_e4s:9.0::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream
reference_id	cpe:/a:redhat:rhel_eus:9.2::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream
reference_id	cpe:/a:redhat:rhel_eus:9.4::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id	cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0
reference_id	cpe:/o:redhat:enterprise_linux:10.0
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos
reference_id	cpe:/o:redhat:enterprise_linux:8::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
reference_id	cpe:/o:redhat:enterprise_linux:9::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos
reference_id	cpe:/o:redhat:rhel_aus:8.2::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos
reference_id	cpe:/o:redhat:rhel_aus:8.4::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos
reference_id	cpe:/o:redhat:rhel_aus:8.6::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.4::baseos
reference_id	cpe:/o:redhat:rhel_e4s:8.4::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.4::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos
reference_id	cpe:/o:redhat:rhel_e4s:8.6::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos
reference_id	cpe:/o:redhat:rhel_e4s:9.0::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6
reference_id	cpe:/o:redhat:rhel_els:6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7
reference_id	cpe:/o:redhat:rhel_els:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos
reference_id	cpe:/o:redhat:rhel_eus:8.8::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.2::baseos
reference_id	cpe:/o:redhat:rhel_eus:9.2::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.2::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos
reference_id	cpe:/o:redhat:rhel_eus:9.4::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.4::baseos
reference_id	cpe:/o:redhat:rhel_tus:8.4::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.4::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos
reference_id	cpe:/o:redhat:rhel_tus:8.6::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos

reference_url

reference_id

CVE-2024-12085

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-27T04:55:14Z/

url

https://access.redhat.com/security/cve/CVE-2024-12085

reference_url	https://security.gentoo.org/glsa/202501-01
reference_id	GLSA-202501-01
reference_type
scores
url	https://security.gentoo.org/glsa/202501-01

reference_url

reference_id

RHBA-2025:6470

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-27T04:55:14Z/

url