Search for packages
| purl | pkg:deb/debian/rsync@3.2.3-4%2Bdeb11u1?distro=trixie |
| Next non-vulnerable version | 3.2.3-4+deb11u2 |
| Latest non-vulnerable version | 3.4.1+ds1-7 |
| Risk | 3.4 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-4g3g-qmrg-tbf6
Aliases: CVE-2022-29154 |
Multiple vulnerabilities have been discovered in rsync, the worst of which can lead to denial of service or information disclosure. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-ua8q-v9qd-wqb5
Aliases: CVE-2025-10158 |
rsync: Rsync: Out of bounds array access via negative index |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-1dp2-jcqh-7ket | Multiple vulnerabilities have been found in rsync, the worst of which could allow remote attackers to bypass access restrictions. |
CVE-2017-17434
|
| VCID-1snq-bkw3-3kff | Multiple vulnerabilities have been found in rsync, the worst of which could allow remote attackers to bypass access restrictions. |
CVE-2017-16548
|
| VCID-1vu9-xzw9-kfe2 | zlib DoS |
CVE-2005-2096
|
| VCID-2phq-g3rz-2be8 | When rsync is run w/o chroot, symlinks that point outside daemon's root can be created |
CVE-2007-6199
|
| VCID-472y-7aza-j7c4 | Multiple vulnerabilities have been discovered in rsync, the worst of which could lead to arbitrary code execution. |
CVE-2024-12747
|
| VCID-4g8w-n139-dfbn | A vulnerability in rsync might allow remote attackers to execute arbitrary commands. |
CVE-2018-5764
|
| VCID-66n1-gnxa-2uf3 | rsync: CPU consumption denial of service when authenticating with a non-existent username |
CVE-2014-2855
|
| VCID-78yq-gu4t-rke9 | Multiple vulnerabilities have been discovered in rsync, the worst of which can lead to denial of service or information disclosure. |
CVE-2020-14387
|
| VCID-9d7g-bby6-8fb3 | Multiple vulnerabilities have been discovered in rsync, the worst of which could lead to arbitrary code execution. |
CVE-2024-12088
|
| VCID-c1ec-hvuv-ckgk | Multiple vulnerabilities have been discovered in rsync, the worst of which could lead to arbitrary code execution. |
CVE-2024-12086
|
| VCID-c8h5-wzqz-e3c6 | Buffer overflow in the open_socket_out function in socket.c for rsync 2.5.7 and earlier allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long RSYNC_PROXY environment variable. NOTE: since rsync is not setuid, this issue does not provide any additional privileges beyond those that are already available to the user. Therefore this issue may be REJECTED in the future. |
CVE-2004-2093
|
| VCID-eyjp-7kks-jbfr | Multiple vulnerabilities have been found in rsync, the worst of which could result in a Denial of Service condition. |
CVE-2016-9841
|
| VCID-f424-5j92-myab | rsync: Mishandles archaic checksums |
CVE-2017-15994
|
| VCID-f6ja-7k85-j7aa | Multiple vulnerabilities have been found in rsync, the worst of which could allow remote attackers to write arbitrary files. |
CVE-2014-9512
|
| VCID-f9da-9x6z-kqcv | A buffer overflow in rsync might lead to the remote execution of arbitrary code when extended attributes are being used. |
CVE-2008-1720
|
| VCID-h2jt-8ppk-nbh9 | Multiple vulnerabilities have been found in rsync, the worst of which could allow remote attackers to bypass access restrictions. |
CVE-2017-17433
|
| VCID-m6xx-a91r-sbhu | Multiple vulnerabilities have been found in rsync, the worst of which could result in a Denial of Service condition. |
CVE-2016-9842
|
| VCID-mr6h-6jrp-gyf3 | Multiple vulnerabilities have been found in rsync, the worst of which could result in a Denial of Service condition. |
CVE-2016-9840
|
| VCID-pfb2-95fp-7bbm | An attacker having write access to an rsync module might be able to execute arbitrary code on an rsync server. |
CVE-2006-2083
|
| VCID-q576-uw5g-8kh3 | Multiple vulnerabilities have been discovered in rsync, the worst of which could lead to arbitrary code execution. |
CVE-2024-12087
|
| VCID-qwud-4v7w-43dv | This GLSA contains notification of vulnerabilities found in several Gentoo packages which have been fixed prior to January 1, 2012. The worst of these vulnerabilities could lead to local privilege escalation and remote code execution. Please see the package list and CVE identifiers below for more information. |
CVE-2011-1097
|
| VCID-rp3f-utn4-ubb7 | security flaw |
CVE-2003-0962
|
| VCID-smft-ms93-6kf1 | Multiple vulnerabilities have been found in rsync, the worst of which could result in a Denial of Service condition. |
CVE-2016-9843
|
| VCID-su3r-5r3f-fbfr | security flaw |
CVE-2004-0426
|
| VCID-ty4c-hwkm-uqes | rsync fails to properly sanitize paths. This vulnerability could allow the listing of arbitrary files and allow file overwriting outside module's path on rsync server configurations that allow uploading. |
CVE-2004-0792
|
| VCID-vc17-vd6v-r3az | Multiple vulnerabilities have been discovered in rsync, the worst of which could lead to arbitrary code execution. |
CVE-2024-12084
|
| VCID-y5ep-xtwr-ckg6 | Multiple vulnerabilities have been discovered in rsync, the worst of which could lead to arbitrary code execution. |
CVE-2024-12085
|
| VCID-yd1c-ptsv-hffu | rsync excluded content access restrictions bypass via symlinks |
CVE-2007-6200
|
| VCID-zr3m-d432-vqge | Two user-assisted buffer overflow vulnerabilities have been discovered in rsync. |
CVE-2007-4091
|