Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/rsync@2.3.2-1.2
Typedeb
Namespacedebian
Namersync
Version2.3.2-1.2
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-29gg-j4vp-7bef
vulnerability_id VCID-29gg-j4vp-7bef
summary multiple issues
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17433.json
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17433.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-17433
reference_id
reference_type
scores
0
value 0.01555
scoring_system epss
scoring_elements 0.81802
published_at 2026-06-07T12:55:00Z
1
value 0.01555
scoring_system epss
scoring_elements 0.81767
published_at 2026-06-04T12:55:00Z
2
value 0.01555
scoring_system epss
scoring_elements 0.81796
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-17433
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16548
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16548
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17433
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17433
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17434
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17434
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:S/C:P/I:P/A:N
1
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1522874
reference_id 1522874
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1522874
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883667
reference_id 883667
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883667
8
reference_url https://security.archlinux.org/ASA-201801-21
reference_id ASA-201801-21
reference_type
scores
url https://security.archlinux.org/ASA-201801-21
9
reference_url https://security.archlinux.org/AVG-542
reference_id AVG-542
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-542
10
reference_url https://security.gentoo.org/glsa/201801-16
reference_id GLSA-201801-16
reference_type
scores
url https://security.gentoo.org/glsa/201801-16
11
reference_url https://usn.ubuntu.com/3506-1/
reference_id USN-3506-1
reference_type
scores
url https://usn.ubuntu.com/3506-1/
12
reference_url https://usn.ubuntu.com/3506-2/
reference_id USN-3506-2
reference_type
scores
url https://usn.ubuntu.com/3506-2/
fixed_packages
0
url pkg:deb/debian/rsync@3.1.1-3%2Bdeb8u1
purl pkg:deb/debian/rsync@3.1.1-3%2Bdeb8u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29gg-j4vp-7bef
1
vulnerability VCID-2c6b-ufgq-fbcw
2
vulnerability VCID-6j5d-25zc-r7es
3
vulnerability VCID-6zwq-zvsq-rfda
4
vulnerability VCID-ay5s-4hr1-8qe5
5
vulnerability VCID-be1r-cmk6-dyb9
6
vulnerability VCID-bvzk-j9h5-zkem
7
vulnerability VCID-c97r-cqv2-r3h4
8
vulnerability VCID-f9zn-2jhn-jqg4
9
vulnerability VCID-jrfy-z2we-n7cz
10
vulnerability VCID-kxm2-1khw-suaq
11
vulnerability VCID-nh72-az7j-wqde
12
vulnerability VCID-rt4a-vn86-vfd1
13
vulnerability VCID-rub5-mpqy-qke8
14
vulnerability VCID-tm8c-43cn-3fa4
15
vulnerability VCID-uaqx-g92v-sbdh
16
vulnerability VCID-vfqu-z1s4-mfa2
17
vulnerability VCID-wc4u-jz1n-eff9
18
vulnerability VCID-yamy-3z1h-kqaf
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.1.1-3%252Bdeb8u1
1
url pkg:deb/debian/rsync@3.1.2-1%2Bdeb9u2
purl pkg:deb/debian/rsync@3.1.2-1%2Bdeb9u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29gg-j4vp-7bef
1
vulnerability VCID-2c6b-ufgq-fbcw
2
vulnerability VCID-6j5d-25zc-r7es
3
vulnerability VCID-6zwq-zvsq-rfda
4
vulnerability VCID-ay5s-4hr1-8qe5
5
vulnerability VCID-be1r-cmk6-dyb9
6
vulnerability VCID-bvzk-j9h5-zkem
7
vulnerability VCID-c97r-cqv2-r3h4
8
vulnerability VCID-f9zn-2jhn-jqg4
9
vulnerability VCID-jrfy-z2we-n7cz
10
vulnerability VCID-kxm2-1khw-suaq
11
vulnerability VCID-nh72-az7j-wqde
12
vulnerability VCID-rt4a-vn86-vfd1
13
vulnerability VCID-rub5-mpqy-qke8
14
vulnerability VCID-tm8c-43cn-3fa4
15
vulnerability VCID-uaqx-g92v-sbdh
16
vulnerability VCID-vfqu-z1s4-mfa2
17
vulnerability VCID-wc4u-jz1n-eff9
18
vulnerability VCID-yamy-3z1h-kqaf
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.1.2-1%252Bdeb9u2
2
url pkg:deb/debian/rsync@3.1.3-6
purl pkg:deb/debian/rsync@3.1.3-6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2c6b-ufgq-fbcw
1
vulnerability VCID-6zwq-zvsq-rfda
2
vulnerability VCID-be1r-cmk6-dyb9
3
vulnerability VCID-c97r-cqv2-r3h4
4
vulnerability VCID-f9zn-2jhn-jqg4
5
vulnerability VCID-nh72-az7j-wqde
6
vulnerability VCID-rt4a-vn86-vfd1
7
vulnerability VCID-rub5-mpqy-qke8
8
vulnerability VCID-vfqu-z1s4-mfa2
9
vulnerability VCID-wc4u-jz1n-eff9
10
vulnerability VCID-yamy-3z1h-kqaf
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.1.3-6
aliases CVE-2017-17433
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-29gg-j4vp-7bef
1
url VCID-2c6b-ufgq-fbcw
vulnerability_id VCID-2c6b-ufgq-fbcw
summary rsync: rsync: Hostname-based ACL bypass in daemon chroot configuration
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43617.json
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43617.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-43617
reference_id
reference_type
scores
0
value 0.00014
scoring_system epss
scoring_elements 0.02441
published_at 2026-06-08T12:55:00Z
1
value 0.00014
scoring_system epss
scoring_elements 0.02512
published_at 2026-06-05T12:55:00Z
2
value 0.00014
scoring_system epss
scoring_elements 0.02514
published_at 2026-06-06T12:55:00Z
3
value 0.00014
scoring_system epss
scoring_elements 0.02456
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-43617
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-43617
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-43617
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2469060
reference_id 2469060
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2469060
5
reference_url https://github.com/RsyncProject/rsync/security/advisories/GHSA-rjfm-3w2m-jf4f
reference_id GHSA-rjfm-3w2m-jf4f
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-20T13:24:57Z/
url https://github.com/RsyncProject/rsync/security/advisories/GHSA-rjfm-3w2m-jf4f
6
reference_url https://www.vulncheck.com/advisories/rsync-authorization-bypass-via-hostname-resolution
reference_id rsync-authorization-bypass-via-hostname-resolution
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-20T13:24:57Z/
url https://www.vulncheck.com/advisories/rsync-authorization-bypass-via-hostname-resolution
7
reference_url https://usn.ubuntu.com/8283-1/
reference_id USN-8283-1
reference_type
scores
url https://usn.ubuntu.com/8283-1/
8
reference_url https://usn.ubuntu.com/8349-1/
reference_id USN-8349-1
reference_type
scores
url https://usn.ubuntu.com/8349-1/
9
reference_url https://github.com/RsyncProject/rsync/releases/tag/v3.4.3
reference_id v3.4.3
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-20T13:24:57Z/
url https://github.com/RsyncProject/rsync/releases/tag/v3.4.3
fixed_packages
0
url pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4
purl pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7w3c-s3ph-v7fk
1
vulnerability VCID-eyj3-gsf2-u7c5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.7-1%252Bdeb12u4
aliases CVE-2026-43617
risk_score 2.9
exploitability 0.5
weighted_severity 5.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2c6b-ufgq-fbcw
2
url VCID-3nrj-48zt-8yf7
vulnerability_id VCID-3nrj-48zt-8yf7
summary rsync 3.1.1 allows remote attackers to write to arbitrary files via a symlink attack on a file in the synchronization path.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9512.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9512.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-9512
reference_id
reference_type
scores
0
value 0.08882
scoring_system epss
scoring_elements 0.92706
published_at 2026-06-08T12:55:00Z
1
value 0.08882
scoring_system epss
scoring_elements 0.92718
published_at 2026-06-05T12:55:00Z
2
value 0.08882
scoring_system epss
scoring_elements 0.92713
published_at 2026-06-06T12:55:00Z
3
value 0.08882
scoring_system epss
scoring_elements 0.92709
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-9512
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9512
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9512
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:N/I:C/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1293854
reference_id 1293854
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1293854
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778333
reference_id 778333
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778333
6
reference_url https://security.gentoo.org/glsa/201605-04
reference_id GLSA-201605-04
reference_type
scores
url https://security.gentoo.org/glsa/201605-04
7
reference_url https://usn.ubuntu.com/2879-1/
reference_id USN-2879-1
reference_type
scores
url https://usn.ubuntu.com/2879-1/
fixed_packages
0
url pkg:deb/debian/rsync@3.1.1-3
purl pkg:deb/debian/rsync@3.1.1-3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29gg-j4vp-7bef
1
vulnerability VCID-2c6b-ufgq-fbcw
2
vulnerability VCID-6j5d-25zc-r7es
3
vulnerability VCID-6zwq-zvsq-rfda
4
vulnerability VCID-ay5s-4hr1-8qe5
5
vulnerability VCID-be1r-cmk6-dyb9
6
vulnerability VCID-bvzk-j9h5-zkem
7
vulnerability VCID-c97r-cqv2-r3h4
8
vulnerability VCID-f9zn-2jhn-jqg4
9
vulnerability VCID-jrfy-z2we-n7cz
10
vulnerability VCID-kxm2-1khw-suaq
11
vulnerability VCID-nh72-az7j-wqde
12
vulnerability VCID-rt4a-vn86-vfd1
13
vulnerability VCID-rub5-mpqy-qke8
14
vulnerability VCID-tm8c-43cn-3fa4
15
vulnerability VCID-uaqx-g92v-sbdh
16
vulnerability VCID-vfqu-z1s4-mfa2
17
vulnerability VCID-wc4u-jz1n-eff9
18
vulnerability VCID-yamy-3z1h-kqaf
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.1.1-3
aliases CVE-2014-9512
risk_score 1.5
exploitability 0.5
weighted_severity 3.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3nrj-48zt-8yf7
3
url VCID-3tny-puu3-7fgp
vulnerability_id VCID-3tny-puu3-7fgp
summary rsync before 2.6.1 does not properly sanitize paths when running a read/write daemon without using chroot, which allows remote attackers to write files outside of the module's path.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0426.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0426.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2004-0426
reference_id
reference_type
scores
0
value 0.03446
scoring_system epss
scoring_elements 0.87713
published_at 2026-06-04T12:55:00Z
1
value 0.03446
scoring_system epss
scoring_elements 0.87734
published_at 2026-06-05T12:55:00Z
2
value 0.03446
scoring_system epss
scoring_elements 0.87735
published_at 2026-06-07T12:55:00Z
3
value 0.03446
scoring_system epss
scoring_elements 0.87736
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2004-0426
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0426
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0426
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1617206
reference_id 1617206
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1617206
4
reference_url https://access.redhat.com/errata/RHSA-2004:192
reference_id RHSA-2004:192
reference_type
scores
url https://access.redhat.com/errata/RHSA-2004:192
fixed_packages
0
url pkg:deb/debian/rsync@2.6.4-6
purl pkg:deb/debian/rsync@2.6.4-6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29gg-j4vp-7bef
1
vulnerability VCID-2c6b-ufgq-fbcw
2
vulnerability VCID-3nrj-48zt-8yf7
3
vulnerability VCID-556m-a6vw-3bfj
4
vulnerability VCID-56vk-3vsy-nkef
5
vulnerability VCID-6j5d-25zc-r7es
6
vulnerability VCID-6neq-h9yq-8fep
7
vulnerability VCID-6zwq-zvsq-rfda
8
vulnerability VCID-ay5s-4hr1-8qe5
9
vulnerability VCID-be1r-cmk6-dyb9
10
vulnerability VCID-bvzk-j9h5-zkem
11
vulnerability VCID-c97r-cqv2-r3h4
12
vulnerability VCID-f9zn-2jhn-jqg4
13
vulnerability VCID-jrfy-z2we-n7cz
14
vulnerability VCID-kxm2-1khw-suaq
15
vulnerability VCID-mwde-7pds-33c5
16
vulnerability VCID-nh72-az7j-wqde
17
vulnerability VCID-rt4a-vn86-vfd1
18
vulnerability VCID-rub5-mpqy-qke8
19
vulnerability VCID-tm8c-43cn-3fa4
20
vulnerability VCID-twpz-szrq-4ug3
21
vulnerability VCID-uaqx-g92v-sbdh
22
vulnerability VCID-vfqu-z1s4-mfa2
23
vulnerability VCID-w5qp-r7dz-h7fk
24
vulnerability VCID-wc4u-jz1n-eff9
25
vulnerability VCID-x81r-ud9r-8ybd
26
vulnerability VCID-yamy-3z1h-kqaf
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@2.6.4-6
aliases CVE-2004-0426
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3tny-puu3-7fgp
4
url VCID-556m-a6vw-3bfj
vulnerability_id VCID-556m-a6vw-3bfj
summary Multiple off-by-one errors in the sender.c in rsync 2.6.9 might allow remote attackers to execute arbitrary code via directory names that are not properly handled when calling the f_name function.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-4091.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-4091.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-4091
reference_id
reference_type
scores
0
value 0.10363
scoring_system epss
scoring_elements 0.93335
published_at 2026-06-04T12:55:00Z
1
value 0.10363
scoring_system epss
scoring_elements 0.93346
published_at 2026-06-05T12:55:00Z
2
value 0.10363
scoring_system epss
scoring_elements 0.93347
published_at 2026-06-06T12:55:00Z
3
value 0.10363
scoring_system epss
scoring_elements 0.93344
published_at 2026-06-07T12:55:00Z
4
value 0.10363
scoring_system epss
scoring_elements 0.93343
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-4091
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4091
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4091
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=252394
reference_id 252394
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=252394
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=438125
reference_id 438125
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=438125
5
reference_url https://security.gentoo.org/glsa/200709-13
reference_id GLSA-200709-13
reference_type
scores
url https://security.gentoo.org/glsa/200709-13
6
reference_url https://usn.ubuntu.com/500-1/
reference_id USN-500-1
reference_type
scores
url https://usn.ubuntu.com/500-1/
fixed_packages
0
url pkg:deb/debian/rsync@3.0.3-2
purl pkg:deb/debian/rsync@3.0.3-2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29gg-j4vp-7bef
1
vulnerability VCID-2c6b-ufgq-fbcw
2
vulnerability VCID-3nrj-48zt-8yf7
3
vulnerability VCID-6j5d-25zc-r7es
4
vulnerability VCID-6zwq-zvsq-rfda
5
vulnerability VCID-ay5s-4hr1-8qe5
6
vulnerability VCID-be1r-cmk6-dyb9
7
vulnerability VCID-bvzk-j9h5-zkem
8
vulnerability VCID-c97r-cqv2-r3h4
9
vulnerability VCID-f9zn-2jhn-jqg4
10
vulnerability VCID-jrfy-z2we-n7cz
11
vulnerability VCID-kxm2-1khw-suaq
12
vulnerability VCID-mwde-7pds-33c5
13
vulnerability VCID-nh72-az7j-wqde
14
vulnerability VCID-rt4a-vn86-vfd1
15
vulnerability VCID-rub5-mpqy-qke8
16
vulnerability VCID-tm8c-43cn-3fa4
17
vulnerability VCID-uaqx-g92v-sbdh
18
vulnerability VCID-vfqu-z1s4-mfa2
19
vulnerability VCID-wc4u-jz1n-eff9
20
vulnerability VCID-x81r-ud9r-8ybd
21
vulnerability VCID-yamy-3z1h-kqaf
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.0.3-2
aliases CVE-2007-4091
risk_score 0.1
exploitability 0.5
weighted_severity 0.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-556m-a6vw-3bfj
5
url VCID-56vk-3vsy-nkef
vulnerability_id VCID-56vk-3vsy-nkef
summary rsync before 3.0.0pre6, when running a writable rsync daemon that is not using chroot, allows remote attackers to access restricted files via unknown vectors that cause rsync to create a symlink that points outside of the module's hierarchy.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6199.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6199.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-6199
reference_id
reference_type
scores
0
value 0.06572
scoring_system epss
scoring_elements 0.91315
published_at 2026-06-04T12:55:00Z
1
value 0.06572
scoring_system epss
scoring_elements 0.91329
published_at 2026-06-05T12:55:00Z
2
value 0.06572
scoring_system epss
scoring_elements 0.9133
published_at 2026-06-06T12:55:00Z
3
value 0.06572
scoring_system epss
scoring_elements 0.91326
published_at 2026-06-07T12:55:00Z
4
value 0.06572
scoring_system epss
scoring_elements 0.91321
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-6199
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6199
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6199
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=407161
reference_id 407161
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=407161
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=453652
reference_id 453652
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=453652
fixed_packages
0
url pkg:deb/debian/rsync@3.0.3-2
purl pkg:deb/debian/rsync@3.0.3-2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29gg-j4vp-7bef
1
vulnerability VCID-2c6b-ufgq-fbcw
2
vulnerability VCID-3nrj-48zt-8yf7
3
vulnerability VCID-6j5d-25zc-r7es
4
vulnerability VCID-6zwq-zvsq-rfda
5
vulnerability VCID-ay5s-4hr1-8qe5
6
vulnerability VCID-be1r-cmk6-dyb9
7
vulnerability VCID-bvzk-j9h5-zkem
8
vulnerability VCID-c97r-cqv2-r3h4
9
vulnerability VCID-f9zn-2jhn-jqg4
10
vulnerability VCID-jrfy-z2we-n7cz
11
vulnerability VCID-kxm2-1khw-suaq
12
vulnerability VCID-mwde-7pds-33c5
13
vulnerability VCID-nh72-az7j-wqde
14
vulnerability VCID-rt4a-vn86-vfd1
15
vulnerability VCID-rub5-mpqy-qke8
16
vulnerability VCID-tm8c-43cn-3fa4
17
vulnerability VCID-uaqx-g92v-sbdh
18
vulnerability VCID-vfqu-z1s4-mfa2
19
vulnerability VCID-wc4u-jz1n-eff9
20
vulnerability VCID-x81r-ud9r-8ybd
21
vulnerability VCID-yamy-3z1h-kqaf
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.0.3-2
aliases CVE-2007-6199
risk_score 0.1
exploitability 0.5
weighted_severity 0.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-56vk-3vsy-nkef
6
url VCID-6j5d-25zc-r7es
vulnerability_id VCID-6j5d-25zc-r7es
summary multiple issues
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17434.json
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17434.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-17434
reference_id
reference_type
scores
0
value 0.01156
scoring_system epss
scoring_elements 0.78919
published_at 2026-06-06T12:55:00Z
1
value 0.01156
scoring_system epss
scoring_elements 0.78885
published_at 2026-06-04T12:55:00Z
2
value 0.01156
scoring_system epss
scoring_elements 0.7891
published_at 2026-06-07T12:55:00Z
3
value 0.01156
scoring_system epss
scoring_elements 0.78899
published_at 2026-06-08T12:55:00Z
4
value 0.01156
scoring_system epss
scoring_elements 0.78912
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-17434
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16548
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16548
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17433
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17433
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17434
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17434
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:S/C:P/I:P/A:N
1
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1522875
reference_id 1522875
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1522875
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883665
reference_id 883665
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883665
8
reference_url https://security.archlinux.org/ASA-201801-21
reference_id ASA-201801-21
reference_type
scores
url https://security.archlinux.org/ASA-201801-21
9
reference_url https://security.archlinux.org/AVG-542
reference_id AVG-542
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-542
10
reference_url https://security.gentoo.org/glsa/201801-16
reference_id GLSA-201801-16
reference_type
scores
url https://security.gentoo.org/glsa/201801-16
11
reference_url https://usn.ubuntu.com/3506-1/
reference_id USN-3506-1
reference_type
scores
url https://usn.ubuntu.com/3506-1/
12
reference_url https://usn.ubuntu.com/3506-2/
reference_id USN-3506-2
reference_type
scores
url https://usn.ubuntu.com/3506-2/
fixed_packages
0
url pkg:deb/debian/rsync@3.1.1-3%2Bdeb8u1
purl pkg:deb/debian/rsync@3.1.1-3%2Bdeb8u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29gg-j4vp-7bef
1
vulnerability VCID-2c6b-ufgq-fbcw
2
vulnerability VCID-6j5d-25zc-r7es
3
vulnerability VCID-6zwq-zvsq-rfda
4
vulnerability VCID-ay5s-4hr1-8qe5
5
vulnerability VCID-be1r-cmk6-dyb9
6
vulnerability VCID-bvzk-j9h5-zkem
7
vulnerability VCID-c97r-cqv2-r3h4
8
vulnerability VCID-f9zn-2jhn-jqg4
9
vulnerability VCID-jrfy-z2we-n7cz
10
vulnerability VCID-kxm2-1khw-suaq
11
vulnerability VCID-nh72-az7j-wqde
12
vulnerability VCID-rt4a-vn86-vfd1
13
vulnerability VCID-rub5-mpqy-qke8
14
vulnerability VCID-tm8c-43cn-3fa4
15
vulnerability VCID-uaqx-g92v-sbdh
16
vulnerability VCID-vfqu-z1s4-mfa2
17
vulnerability VCID-wc4u-jz1n-eff9
18
vulnerability VCID-yamy-3z1h-kqaf
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.1.1-3%252Bdeb8u1
1
url pkg:deb/debian/rsync@3.1.2-1%2Bdeb9u2
purl pkg:deb/debian/rsync@3.1.2-1%2Bdeb9u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29gg-j4vp-7bef
1
vulnerability VCID-2c6b-ufgq-fbcw
2
vulnerability VCID-6j5d-25zc-r7es
3
vulnerability VCID-6zwq-zvsq-rfda
4
vulnerability VCID-ay5s-4hr1-8qe5
5
vulnerability VCID-be1r-cmk6-dyb9
6
vulnerability VCID-bvzk-j9h5-zkem
7
vulnerability VCID-c97r-cqv2-r3h4
8
vulnerability VCID-f9zn-2jhn-jqg4
9
vulnerability VCID-jrfy-z2we-n7cz
10
vulnerability VCID-kxm2-1khw-suaq
11
vulnerability VCID-nh72-az7j-wqde
12
vulnerability VCID-rt4a-vn86-vfd1
13
vulnerability VCID-rub5-mpqy-qke8
14
vulnerability VCID-tm8c-43cn-3fa4
15
vulnerability VCID-uaqx-g92v-sbdh
16
vulnerability VCID-vfqu-z1s4-mfa2
17
vulnerability VCID-wc4u-jz1n-eff9
18
vulnerability VCID-yamy-3z1h-kqaf
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.1.2-1%252Bdeb9u2
2
url pkg:deb/debian/rsync@3.1.3-6
purl pkg:deb/debian/rsync@3.1.3-6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2c6b-ufgq-fbcw
1
vulnerability VCID-6zwq-zvsq-rfda
2
vulnerability VCID-be1r-cmk6-dyb9
3
vulnerability VCID-c97r-cqv2-r3h4
4
vulnerability VCID-f9zn-2jhn-jqg4
5
vulnerability VCID-nh72-az7j-wqde
6
vulnerability VCID-rt4a-vn86-vfd1
7
vulnerability VCID-rub5-mpqy-qke8
8
vulnerability VCID-vfqu-z1s4-mfa2
9
vulnerability VCID-wc4u-jz1n-eff9
10
vulnerability VCID-yamy-3z1h-kqaf
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.1.3-6
aliases CVE-2017-17434
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6j5d-25zc-r7es
7
url VCID-6neq-h9yq-8fep
vulnerability_id VCID-6neq-h9yq-8fep
summary Integer overflow in the receive_xattr function in the extended attributes patch (xattr.c) for rsync before 2.6.8 might allow attackers to execute arbitrary code via crafted extended attributes that trigger a buffer overflow.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-2083.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-2083.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2006-2083
reference_id
reference_type
scores
0
value 0.01506
scoring_system epss
scoring_elements 0.81497
published_at 2026-06-04T12:55:00Z
1
value 0.01506
scoring_system epss
scoring_elements 0.81525
published_at 2026-06-07T12:55:00Z
2
value 0.01506
scoring_system epss
scoring_elements 0.81527
published_at 2026-06-06T12:55:00Z
3
value 0.01506
scoring_system epss
scoring_elements 0.8152
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2006-2083
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2083
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2083
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=190207
reference_id 190207
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=190207
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=365614
reference_id 365614
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=365614
5
reference_url https://security.gentoo.org/glsa/200605-05
reference_id GLSA-200605-05
reference_type
scores
url https://security.gentoo.org/glsa/200605-05
fixed_packages
0
url pkg:deb/debian/rsync@2.6.9-2
purl pkg:deb/debian/rsync@2.6.9-2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29gg-j4vp-7bef
1
vulnerability VCID-2c6b-ufgq-fbcw
2
vulnerability VCID-3nrj-48zt-8yf7
3
vulnerability VCID-556m-a6vw-3bfj
4
vulnerability VCID-56vk-3vsy-nkef
5
vulnerability VCID-6j5d-25zc-r7es
6
vulnerability VCID-6zwq-zvsq-rfda
7
vulnerability VCID-ay5s-4hr1-8qe5
8
vulnerability VCID-be1r-cmk6-dyb9
9
vulnerability VCID-bvzk-j9h5-zkem
10
vulnerability VCID-c97r-cqv2-r3h4
11
vulnerability VCID-f9zn-2jhn-jqg4
12
vulnerability VCID-jrfy-z2we-n7cz
13
vulnerability VCID-kxm2-1khw-suaq
14
vulnerability VCID-mwde-7pds-33c5
15
vulnerability VCID-nh72-az7j-wqde
16
vulnerability VCID-rt4a-vn86-vfd1
17
vulnerability VCID-rub5-mpqy-qke8
18
vulnerability VCID-tm8c-43cn-3fa4
19
vulnerability VCID-twpz-szrq-4ug3
20
vulnerability VCID-uaqx-g92v-sbdh
21
vulnerability VCID-vfqu-z1s4-mfa2
22
vulnerability VCID-w5qp-r7dz-h7fk
23
vulnerability VCID-wc4u-jz1n-eff9
24
vulnerability VCID-x81r-ud9r-8ybd
25
vulnerability VCID-yamy-3z1h-kqaf
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@2.6.9-2
aliases CVE-2006-2083
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6neq-h9yq-8fep
8
url VCID-6zwq-zvsq-rfda
vulnerability_id VCID-6zwq-zvsq-rfda
summary man-in-the-middle
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14387.json
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14387.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-14387
reference_id
reference_type
scores
0
value 0.00142
scoring_system epss
scoring_elements 0.34016
published_at 2026-06-04T12:55:00Z
1
value 0.00142
scoring_system epss
scoring_elements 0.34117
published_at 2026-06-05T12:55:00Z
2
value 0.00142
scoring_system epss
scoring_elements 0.34065
published_at 2026-06-08T12:55:00Z
3
value 0.00142
scoring_system epss
scoring_elements 0.34132
published_at 2026-06-06T12:55:00Z
4
value 0.00142
scoring_system epss
scoring_elements 0.34099
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-14387
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14387
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14387
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1875549
reference_id 1875549
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1875549
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=969530
reference_id 969530
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=969530
5
reference_url https://security.archlinux.org/ASA-202101-1
reference_id ASA-202101-1
reference_type
scores
url https://security.archlinux.org/ASA-202101-1
6
reference_url https://security.archlinux.org/AVG-1374
reference_id AVG-1374
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1374
7
reference_url https://security.gentoo.org/glsa/202405-22
reference_id GLSA-202405-22
reference_type
scores
url https://security.gentoo.org/glsa/202405-22
fixed_packages
0
url pkg:deb/debian/rsync@3.2.3-4%2Bdeb11u1
purl pkg:deb/debian/rsync@3.2.3-4%2Bdeb11u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2c6b-ufgq-fbcw
1
vulnerability VCID-7w3c-s3ph-v7fk
2
vulnerability VCID-87kn-sjx9-z3ea
3
vulnerability VCID-be1r-cmk6-dyb9
4
vulnerability VCID-c97r-cqv2-r3h4
5
vulnerability VCID-eyj3-gsf2-u7c5
6
vulnerability VCID-f9zn-2jhn-jqg4
7
vulnerability VCID-nh72-az7j-wqde
8
vulnerability VCID-rt4a-vn86-vfd1
9
vulnerability VCID-rub5-mpqy-qke8
10
vulnerability VCID-vfqu-z1s4-mfa2
11
vulnerability VCID-wc4u-jz1n-eff9
12
vulnerability VCID-y59h-bzyk-dbhf
13
vulnerability VCID-yamy-3z1h-kqaf
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.3-4%252Bdeb11u1
aliases CVE-2020-14387
risk_score 4.1
exploitability 0.5
weighted_severity 8.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6zwq-zvsq-rfda
9
url VCID-ay5s-4hr1-8qe5
vulnerability_id VCID-ay5s-4hr1-8qe5
summary multiple issues
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5764.json
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5764.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-5764
reference_id
reference_type
scores
0
value 0.13133
scoring_system epss
scoring_elements 0.94261
published_at 2026-06-08T12:55:00Z
1
value 0.13133
scoring_system epss
scoring_elements 0.9425
published_at 2026-06-04T12:55:00Z
2
value 0.13133
scoring_system epss
scoring_elements 0.94262
published_at 2026-06-07T12:55:00Z
3
value 0.13133
scoring_system epss
scoring_elements 0.94259
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-5764
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5764
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5764
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1536661
reference_id 1536661
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1536661
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=887588
reference_id 887588
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=887588
6
reference_url https://security.archlinux.org/ASA-201801-21
reference_id ASA-201801-21
reference_type
scores
url https://security.archlinux.org/ASA-201801-21
7
reference_url https://security.archlinux.org/AVG-542
reference_id AVG-542
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-542
8
reference_url https://security.gentoo.org/glsa/201805-04
reference_id GLSA-201805-04
reference_type
scores
url https://security.gentoo.org/glsa/201805-04
9
reference_url https://usn.ubuntu.com/3543-1/
reference_id USN-3543-1
reference_type
scores
url https://usn.ubuntu.com/3543-1/
10
reference_url https://usn.ubuntu.com/3543-2/
reference_id USN-3543-2
reference_type
scores
url https://usn.ubuntu.com/3543-2/
fixed_packages
0
url pkg:deb/debian/rsync@3.1.3-6
purl pkg:deb/debian/rsync@3.1.3-6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2c6b-ufgq-fbcw
1
vulnerability VCID-6zwq-zvsq-rfda
2
vulnerability VCID-be1r-cmk6-dyb9
3
vulnerability VCID-c97r-cqv2-r3h4
4
vulnerability VCID-f9zn-2jhn-jqg4
5
vulnerability VCID-nh72-az7j-wqde
6
vulnerability VCID-rt4a-vn86-vfd1
7
vulnerability VCID-rub5-mpqy-qke8
8
vulnerability VCID-vfqu-z1s4-mfa2
9
vulnerability VCID-wc4u-jz1n-eff9
10
vulnerability VCID-yamy-3z1h-kqaf
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.1.3-6
aliases CVE-2018-5764
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ay5s-4hr1-8qe5
10
url VCID-be1r-cmk6-dyb9
vulnerability_id VCID-be1r-cmk6-dyb9
summary rsync: TOCTOU symlink race condition allowing local privilege escalation in daemon mode without chroot.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-29518.json
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-29518.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-29518
reference_id
reference_type
scores
0
value 9e-05
scoring_system epss
scoring_elements 0.00908
published_at 2026-06-08T12:55:00Z
1
value 9e-05
scoring_system epss
scoring_elements 0.00912
published_at 2026-06-07T12:55:00Z
2
value 9e-05
scoring_system epss
scoring_elements 0.00911
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-29518
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-29518
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-29518
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://michael.stapelberg.ch/posts/2026-05-24-minimal-memory-safe-go-rsync-vulns/
reference_id 2026-05-24-minimal-memory-safe-go-rsync-vulns
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T14:50:13Z/
url https://michael.stapelberg.ch/posts/2026-05-24-minimal-memory-safe-go-rsync-vulns/
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2469055
reference_id 2469055
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2469055
6
reference_url https://github.com/RsyncProject/rsync/pull/895/changes/8471fdd1561049ef5f58df44a1811a50bd9a531d
reference_id 8471fdd1561049ef5f58df44a1811a50bd9a531d
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T14:50:13Z/
url https://github.com/RsyncProject/rsync/pull/895/changes/8471fdd1561049ef5f58df44a1811a50bd9a531d
7
reference_url https://www.vulncheck.com/advisories/rsync-toctou-race-condition-allows-symlink-based-arbitrary-file-write
reference_id rsync-toctou-race-condition-allows-symlink-based-arbitrary-file-write
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T14:50:13Z/
url https://www.vulncheck.com/advisories/rsync-toctou-race-condition-allows-symlink-based-arbitrary-file-write
8
reference_url https://usn.ubuntu.com/8283-1/
reference_id USN-8283-1
reference_type
scores
url https://usn.ubuntu.com/8283-1/
9
reference_url https://usn.ubuntu.com/8349-1/
reference_id USN-8349-1
reference_type
scores
url https://usn.ubuntu.com/8349-1/
10
reference_url https://github.com/RsyncProject/rsync/releases/tag/v3.4.3
reference_id v3.4.3
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T14:50:13Z/
url https://github.com/RsyncProject/rsync/releases/tag/v3.4.3
fixed_packages
0
url pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4
purl pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7w3c-s3ph-v7fk
1
vulnerability VCID-eyj3-gsf2-u7c5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.7-1%252Bdeb12u4
aliases CVE-2026-29518
risk_score 3.5
exploitability 0.5
weighted_severity 7.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-be1r-cmk6-dyb9
11
url VCID-bvzk-j9h5-zkem
vulnerability_id VCID-bvzk-j9h5-zkem
summary The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9842.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9842.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9842
reference_id
reference_type
scores
0
value 0.12602
scoring_system epss
scoring_elements 0.94092
published_at 2026-06-06T12:55:00Z
1
value 0.12602
scoring_system epss
scoring_elements 0.94095
published_at 2026-06-07T12:55:00Z
2
value 0.12602
scoring_system epss
scoring_elements 0.94094
published_at 2026-06-08T12:55:00Z
3
value 0.13024
scoring_system epss
scoring_elements 0.94218
published_at 2026-06-04T12:55:00Z
4
value 0.14635
scoring_system epss
scoring_elements 0.94609
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9842
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9842
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9842
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:S/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url http://www.securitytracker.com/id/1039427
reference_id 1039427
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/
url http://www.securitytracker.com/id/1039427
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1402348
reference_id 1402348
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=1402348
6
reference_url http://www.openwall.com/lists/oss-security/2016/12/05/21
reference_id 21
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/
url http://www.openwall.com/lists/oss-security/2016/12/05/21
7
reference_url https://usn.ubuntu.com/4246-1/
reference_id 4246-1
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/
url https://usn.ubuntu.com/4246-1/
8
reference_url https://usn.ubuntu.com/4292-1/
reference_id 4292-1
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/
url https://usn.ubuntu.com/4292-1/
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847274
reference_id 847274
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847274
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924509
reference_id 924509
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924509
11
reference_url http://www.securityfocus.com/bid/95131
reference_id 95131
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/
url http://www.securityfocus.com/bid/95131
12
reference_url https://wiki.mozilla.org/MOSS/Secure_Open_Source/Completed#zlib
reference_id Completed#zlib
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/
url https://wiki.mozilla.org/MOSS/Secure_Open_Source/Completed#zlib
13
reference_url https://github.com/madler/zlib/commit/e54e1299404101a5a9d0cf5e45512b543967f958
reference_id e54e1299404101a5a9d0cf5e45512b543967f958
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/
url https://github.com/madler/zlib/commit/e54e1299404101a5a9d0cf5e45512b543967f958
14
reference_url https://security.gentoo.org/glsa/201701-56
reference_id GLSA-201701-56
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/
url https://security.gentoo.org/glsa/201701-56
15
reference_url https://security.gentoo.org/glsa/202007-54
reference_id GLSA-202007-54
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/
url https://security.gentoo.org/glsa/202007-54
16
reference_url https://support.apple.com/HT208112
reference_id HT208112
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/
url https://support.apple.com/HT208112
17
reference_url https://support.apple.com/HT208113
reference_id HT208113
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/
url https://support.apple.com/HT208113
18
reference_url https://support.apple.com/HT208115
reference_id HT208115
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/
url https://support.apple.com/HT208115
19
reference_url https://support.apple.com/HT208144
reference_id HT208144
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/
url https://support.apple.com/HT208144
20
reference_url https://lists.debian.org/debian-lts-announce/2019/03/msg00027.html
reference_id msg00027.html
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/
url https://lists.debian.org/debian-lts-announce/2019/03/msg00027.html
21
reference_url https://lists.debian.org/debian-lts-announce/2020/01/msg00030.html
reference_id msg00030.html
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/
url https://lists.debian.org/debian-lts-announce/2020/01/msg00030.html
22
reference_url http://lists.opensuse.org/opensuse-updates/2017-01/msg00050.html
reference_id msg00050.html
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/
url http://lists.opensuse.org/opensuse-updates/2017-01/msg00050.html
23
reference_url http://lists.opensuse.org/opensuse-updates/2017-01/msg00053.html
reference_id msg00053.html
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/
url http://lists.opensuse.org/opensuse-updates/2017-01/msg00053.html
24
reference_url http://lists.opensuse.org/opensuse-updates/2016-12/msg00127.html
reference_id msg00127.html
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/
url http://lists.opensuse.org/opensuse-updates/2016-12/msg00127.html
25
reference_url https://access.redhat.com/errata/RHSA-2017:1220
reference_id RHSA-2017:1220
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/
url https://access.redhat.com/errata/RHSA-2017:1220
26
reference_url https://access.redhat.com/errata/RHSA-2017:1221
reference_id RHSA-2017:1221
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/
url https://access.redhat.com/errata/RHSA-2017:1221
27
reference_url https://access.redhat.com/errata/RHSA-2017:1222
reference_id RHSA-2017:1222
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/
url https://access.redhat.com/errata/RHSA-2017:1222
28
reference_url https://access.redhat.com/errata/RHSA-2017:2999
reference_id RHSA-2017:2999
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/
url https://access.redhat.com/errata/RHSA-2017:2999
29
reference_url https://access.redhat.com/errata/RHSA-2017:3046
reference_id RHSA-2017:3046
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/
url https://access.redhat.com/errata/RHSA-2017:3046
30
reference_url https://access.redhat.com/errata/RHSA-2017:3047
reference_id RHSA-2017:3047
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/
url https://access.redhat.com/errata/RHSA-2017:3047
31
reference_url https://access.redhat.com/errata/RHSA-2017:3453
reference_id RHSA-2017:3453
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/
url https://access.redhat.com/errata/RHSA-2017:3453
32
reference_url https://wiki.mozilla.org/images/0/09/Zlib-report.pdf
reference_id Zlib-report.pdf
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/
url https://wiki.mozilla.org/images/0/09/Zlib-report.pdf
fixed_packages
0
url pkg:deb/debian/rsync@3.1.3-6
purl pkg:deb/debian/rsync@3.1.3-6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2c6b-ufgq-fbcw
1
vulnerability VCID-6zwq-zvsq-rfda
2
vulnerability VCID-be1r-cmk6-dyb9
3
vulnerability VCID-c97r-cqv2-r3h4
4
vulnerability VCID-f9zn-2jhn-jqg4
5
vulnerability VCID-nh72-az7j-wqde
6
vulnerability VCID-rt4a-vn86-vfd1
7
vulnerability VCID-rub5-mpqy-qke8
8
vulnerability VCID-vfqu-z1s4-mfa2
9
vulnerability VCID-wc4u-jz1n-eff9
10
vulnerability VCID-yamy-3z1h-kqaf
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.1.3-6
aliases CVE-2016-9842
risk_score 4.0
exploitability 0.5
weighted_severity 7.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bvzk-j9h5-zkem
12
url VCID-c97r-cqv2-r3h4
vulnerability_id VCID-c97r-cqv2-r3h4
summary multiple issues
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12085.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12085.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-12085
reference_id
reference_type
scores
0
value 0.1902
scoring_system epss
scoring_elements 0.95458
published_at 2026-06-07T12:55:00Z
1
value 0.1902
scoring_system epss
scoring_elements 0.95459
published_at 2026-06-08T12:55:00Z
2
value 0.1902
scoring_system epss
scoring_elements 0.95453
published_at 2026-06-05T12:55:00Z
3
value 0.1902
scoring_system epss
scoring_elements 0.95456
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-12085
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12085
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12085
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2330539
reference_id 2330539
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-27T04:55:14Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2330539
5
reference_url https://kb.cert.org/vuls/id/952657
reference_id 952657
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-27T04:55:14Z/
url https://kb.cert.org/vuls/id/952657
6
reference_url https://security.archlinux.org/ASA-202501-1
reference_id ASA-202501-1
reference_type
scores
url https://security.archlinux.org/ASA-202501-1
7
reference_url https://security.archlinux.org/AVG-2858
reference_id AVG-2858
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2858
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
reference_id cpe:/a:redhat:enterprise_linux:9::appstream
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:logging:5.8::el9
reference_id cpe:/a:redhat:logging:5.8::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:logging:5.8::el9
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:logging:5.9::el9
reference_id cpe:/a:redhat:logging:5.9::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:logging:5.9::el9
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.12::el8
reference_id cpe:/a:redhat:openshift:4.12::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.12::el8
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el8
reference_id cpe:/a:redhat:openshift:4.13::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el8
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9
reference_id cpe:/a:redhat:openshift:4.13::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el8
reference_id cpe:/a:redhat:openshift:4.14::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el8
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el9
reference_id cpe:/a:redhat:openshift:4.14::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el9
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el8
reference_id cpe:/a:redhat:openshift:4.15::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el8
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el9
reference_id cpe:/a:redhat:openshift:4.15::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el9
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el9
reference_id cpe:/a:redhat:openshift:4.16::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el9
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.17::el9
reference_id cpe:/a:redhat:openshift:4.17::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.17::el9
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_compliance_operator:1::el9
reference_id cpe:/a:redhat:openshift_compliance_operator:1::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_compliance_operator:1::el9
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream
reference_id cpe:/a:redhat:rhel_e4s:9.0::appstream
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream
reference_id cpe:/a:redhat:rhel_eus:9.2::appstream
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream
reference_id cpe:/a:redhat:rhel_eus:9.4::appstream
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0
reference_id cpe:/o:redhat:enterprise_linux:10.0
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos
reference_id cpe:/o:redhat:enterprise_linux:8::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
reference_id cpe:/o:redhat:enterprise_linux:9::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos
reference_id cpe:/o:redhat:rhel_aus:8.2::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos
reference_id cpe:/o:redhat:rhel_aus:8.4::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos
reference_id cpe:/o:redhat:rhel_aus:8.6::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.4::baseos
reference_id cpe:/o:redhat:rhel_e4s:8.4::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.4::baseos
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos
reference_id cpe:/o:redhat:rhel_e4s:8.6::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos
reference_id cpe:/o:redhat:rhel_e4s:9.0::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6
reference_id cpe:/o:redhat:rhel_els:6
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7
reference_id cpe:/o:redhat:rhel_els:7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos
reference_id cpe:/o:redhat:rhel_eus:8.8::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.2::baseos
reference_id cpe:/o:redhat:rhel_eus:9.2::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.2::baseos
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos
reference_id cpe:/o:redhat:rhel_eus:9.4::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.4::baseos
reference_id cpe:/o:redhat:rhel_tus:8.4::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.4::baseos
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos
reference_id cpe:/o:redhat:rhel_tus:8.6::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos
40
reference_url https://access.redhat.com/security/cve/CVE-2024-12085
reference_id CVE-2024-12085
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-27T04:55:14Z/
url https://access.redhat.com/security/cve/CVE-2024-12085
41
reference_url https://security.gentoo.org/glsa/202501-01
reference_id GLSA-202501-01
reference_type
scores
url https://security.gentoo.org/glsa/202501-01
42
reference_url https://access.redhat.com/errata/RHBA-2025:6470
reference_id RHBA-2025:6470
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-27T04:55:14Z/
url https://access.redhat.com/errata/RHBA-2025:6470
43
reference_url https://access.redhat.com/errata/RHSA-2025:0324
reference_id RHSA-2025:0324
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-27T04:55:14Z/
url https://access.redhat.com/errata/RHSA-2025:0324
44
reference_url https://access.redhat.com/errata/RHSA-2025:0325
reference_id RHSA-2025:0325
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-27T04:55:14Z/
url https://access.redhat.com/errata/RHSA-2025:0325
45
reference_url https://access.redhat.com/errata/RHSA-2025:0637
reference_id RHSA-2025:0637
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-27T04:55:14Z/
url https://access.redhat.com/errata/RHSA-2025:0637
46
reference_url https://access.redhat.com/errata/RHSA-2025:0688
reference_id RHSA-2025:0688
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-27T04:55:14Z/
url https://access.redhat.com/errata/RHSA-2025:0688
47
reference_url https://access.redhat.com/errata/RHSA-2025:0714
reference_id RHSA-2025:0714
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-27T04:55:14Z/
url https://access.redhat.com/errata/RHSA-2025:0714
48
reference_url https://access.redhat.com/errata/RHSA-2025:0774
reference_id RHSA-2025:0774
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-27T04:55:14Z/
url https://access.redhat.com/errata/RHSA-2025:0774
49
reference_url https://access.redhat.com/errata/RHSA-2025:0787
reference_id RHSA-2025:0787
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-27T04:55:14Z/
url https://access.redhat.com/errata/RHSA-2025:0787
50
reference_url https://access.redhat.com/errata/RHSA-2025:0790
reference_id RHSA-2025:0790
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-27T04:55:14Z/
url https://access.redhat.com/errata/RHSA-2025:0790
51
reference_url https://access.redhat.com/errata/RHSA-2025:0849
reference_id RHSA-2025:0849
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-27T04:55:14Z/
url https://access.redhat.com/errata/RHSA-2025:0849
52
reference_url https://access.redhat.com/errata/RHSA-2025:0884
reference_id RHSA-2025:0884
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-27T04:55:14Z/
url https://access.redhat.com/errata/RHSA-2025:0884
53
reference_url https://access.redhat.com/errata/RHSA-2025:0885
reference_id RHSA-2025:0885
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-27T04:55:14Z/
url https://access.redhat.com/errata/RHSA-2025:0885
54
reference_url https://access.redhat.com/errata/RHSA-2025:1120
reference_id RHSA-2025:1120
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-27T04:55:14Z/
url https://access.redhat.com/errata/RHSA-2025:1120
55
reference_url https://access.redhat.com/errata/RHSA-2025:1123
reference_id RHSA-2025:1123
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-27T04:55:14Z/
url https://access.redhat.com/errata/RHSA-2025:1123
56
reference_url https://access.redhat.com/errata/RHSA-2025:1128
reference_id RHSA-2025:1128
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-27T04:55:14Z/
url https://access.redhat.com/errata/RHSA-2025:1128
57
reference_url https://access.redhat.com/errata/RHSA-2025:1225
reference_id RHSA-2025:1225
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-27T04:55:14Z/
url https://access.redhat.com/errata/RHSA-2025:1225
58
reference_url https://access.redhat.com/errata/RHSA-2025:1227
reference_id RHSA-2025:1227
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-27T04:55:14Z/
url https://access.redhat.com/errata/RHSA-2025:1227
59
reference_url https://access.redhat.com/errata/RHSA-2025:1242
reference_id RHSA-2025:1242
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-27T04:55:14Z/
url https://access.redhat.com/errata/RHSA-2025:1242
60
reference_url https://access.redhat.com/errata/RHSA-2025:1451
reference_id RHSA-2025:1451
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-27T04:55:14Z/
url https://access.redhat.com/errata/RHSA-2025:1451
61
reference_url https://access.redhat.com/errata/RHSA-2025:21885
reference_id RHSA-2025:21885
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-27T04:55:14Z/
url https://access.redhat.com/errata/RHSA-2025:21885
62
reference_url https://usn.ubuntu.com/7206-1/
reference_id USN-7206-1
reference_type
scores
url https://usn.ubuntu.com/7206-1/
63
reference_url https://usn.ubuntu.com/7206-3/
reference_id USN-7206-3
reference_type
scores
url https://usn.ubuntu.com/7206-3/
fixed_packages
0
url pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4
purl pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7w3c-s3ph-v7fk
1
vulnerability VCID-eyj3-gsf2-u7c5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.7-1%252Bdeb12u4
aliases CVE-2024-12085
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c97r-cqv2-r3h4
13
url VCID-e8g3-c9dj-a3am
vulnerability_id VCID-e8g3-c9dj-a3am
summary Directory traversal vulnerability in the sanitize_path function in util.c for rsync 2.6.2 and earlier, when chroot is disabled, allows attackers to read or write certain files.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0792.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0792.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2004-0792
reference_id
reference_type
scores
0
value 0.00777
scoring_system epss
scoring_elements 0.74001
published_at 2026-06-04T12:55:00Z
1
value 0.00777
scoring_system epss
scoring_elements 0.74034
published_at 2026-06-05T12:55:00Z
2
value 0.00777
scoring_system epss
scoring_elements 0.74038
published_at 2026-06-06T12:55:00Z
3
value 0.00777
scoring_system epss
scoring_elements 0.74024
published_at 2026-06-07T12:55:00Z
4
value 0.00777
scoring_system epss
scoring_elements 0.74007
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2004-0792
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0792
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0792
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1617292
reference_id 1617292
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1617292
4
reference_url https://security.gentoo.org/glsa/200408-17
reference_id GLSA-200408-17
reference_type
scores
url https://security.gentoo.org/glsa/200408-17
5
reference_url https://access.redhat.com/errata/RHSA-2004:436
reference_id RHSA-2004:436
reference_type
scores
url https://access.redhat.com/errata/RHSA-2004:436
fixed_packages
0
url pkg:deb/debian/rsync@2.6.4-6
purl pkg:deb/debian/rsync@2.6.4-6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29gg-j4vp-7bef
1
vulnerability VCID-2c6b-ufgq-fbcw
2
vulnerability VCID-3nrj-48zt-8yf7
3
vulnerability VCID-556m-a6vw-3bfj
4
vulnerability VCID-56vk-3vsy-nkef
5
vulnerability VCID-6j5d-25zc-r7es
6
vulnerability VCID-6neq-h9yq-8fep
7
vulnerability VCID-6zwq-zvsq-rfda
8
vulnerability VCID-ay5s-4hr1-8qe5
9
vulnerability VCID-be1r-cmk6-dyb9
10
vulnerability VCID-bvzk-j9h5-zkem
11
vulnerability VCID-c97r-cqv2-r3h4
12
vulnerability VCID-f9zn-2jhn-jqg4
13
vulnerability VCID-jrfy-z2we-n7cz
14
vulnerability VCID-kxm2-1khw-suaq
15
vulnerability VCID-mwde-7pds-33c5
16
vulnerability VCID-nh72-az7j-wqde
17
vulnerability VCID-rt4a-vn86-vfd1
18
vulnerability VCID-rub5-mpqy-qke8
19
vulnerability VCID-tm8c-43cn-3fa4
20
vulnerability VCID-twpz-szrq-4ug3
21
vulnerability VCID-uaqx-g92v-sbdh
22
vulnerability VCID-vfqu-z1s4-mfa2
23
vulnerability VCID-w5qp-r7dz-h7fk
24
vulnerability VCID-wc4u-jz1n-eff9
25
vulnerability VCID-x81r-ud9r-8ybd
26
vulnerability VCID-yamy-3z1h-kqaf
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@2.6.4-6
aliases CVE-2004-0792
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e8g3-c9dj-a3am
14
url VCID-f9zn-2jhn-jqg4
vulnerability_id VCID-f9zn-2jhn-jqg4
summary rsync: rsync: Symlink race vulnerability allows unauthorized file operations
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43619.json
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43619.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-43619
reference_id
reference_type
scores
0
value 7e-05
scoring_system epss
scoring_elements 0.00528
published_at 2026-06-08T12:55:00Z
1
value 7e-05
scoring_system epss
scoring_elements 0.00534
published_at 2026-06-06T12:55:00Z
2
value 7e-05
scoring_system epss
scoring_elements 0.00532
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-43619
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-43619
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-43619
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2469058
reference_id 2469058
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2469058
5
reference_url https://github.com/RsyncProject/rsync/security/advisories/GHSA-4h9m-w5ff-j735
reference_id GHSA-4h9m-w5ff-j735
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value 7.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T13:09:05Z/
url https://github.com/RsyncProject/rsync/security/advisories/GHSA-4h9m-w5ff-j735
6
reference_url https://www.vulncheck.com/advisories/rsync-symlink-race-condition-via-path-based-syscalls
reference_id rsync-symlink-race-condition-via-path-based-syscalls
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value 7.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T13:09:05Z/
url https://www.vulncheck.com/advisories/rsync-symlink-race-condition-via-path-based-syscalls
7
reference_url https://usn.ubuntu.com/8283-1/
reference_id USN-8283-1
reference_type
scores
url https://usn.ubuntu.com/8283-1/
8
reference_url https://usn.ubuntu.com/8349-1/
reference_id USN-8349-1
reference_type
scores
url https://usn.ubuntu.com/8349-1/
9
reference_url https://github.com/RsyncProject/rsync/releases/tag/v3.4.3
reference_id v3.4.3
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value 7.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T13:09:05Z/
url https://github.com/RsyncProject/rsync/releases/tag/v3.4.3
fixed_packages
0
url pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4
purl pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7w3c-s3ph-v7fk
1
vulnerability VCID-eyj3-gsf2-u7c5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.7-1%252Bdeb12u4
aliases CVE-2026-43619
risk_score 3.2
exploitability 0.5
weighted_severity 6.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f9zn-2jhn-jqg4
15
url VCID-jrfy-z2we-n7cz
vulnerability_id VCID-jrfy-z2we-n7cz
summary inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9841.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9841.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9841
reference_id
reference_type
scores
0
value 0.13495
scoring_system epss
scoring_elements 0.94345
published_at 2026-06-04T12:55:00Z
1
value 0.19177
scoring_system epss
scoring_elements 0.95488
published_at 2026-06-08T12:55:00Z
2
value 0.19177
scoring_system epss
scoring_elements 0.95485
published_at 2026-06-06T12:55:00Z
3
value 0.19177
scoring_system epss
scoring_elements 0.95487
published_at 2026-06-07T12:55:00Z
4
value 0.23605
scoring_system epss
scoring_elements 0.96092
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9841
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9841
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9841
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:S/C:P/I:P/A:P
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1402346
reference_id 1402346
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1402346
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847270
reference_id 847270
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847270
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924509
reference_id 924509
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924509
7
reference_url https://security.gentoo.org/glsa/201701-56
reference_id GLSA-201701-56
reference_type
scores
url https://security.gentoo.org/glsa/201701-56
8
reference_url https://security.gentoo.org/glsa/202007-54
reference_id GLSA-202007-54
reference_type
scores
url https://security.gentoo.org/glsa/202007-54
9
reference_url https://access.redhat.com/errata/RHSA-2017:1220
reference_id RHSA-2017:1220
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:1220
10
reference_url https://access.redhat.com/errata/RHSA-2017:1221
reference_id RHSA-2017:1221
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:1221
11
reference_url https://access.redhat.com/errata/RHSA-2017:1222
reference_id RHSA-2017:1222
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:1222
12
reference_url https://access.redhat.com/errata/RHSA-2017:2999
reference_id RHSA-2017:2999
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2999
13
reference_url https://access.redhat.com/errata/RHSA-2017:3046
reference_id RHSA-2017:3046
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3046
14
reference_url https://access.redhat.com/errata/RHSA-2017:3047
reference_id RHSA-2017:3047
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3047
15
reference_url https://access.redhat.com/errata/RHSA-2017:3453
reference_id RHSA-2017:3453
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3453
16
reference_url https://usn.ubuntu.com/6736-1/
reference_id USN-6736-1
reference_type
scores
url https://usn.ubuntu.com/6736-1/
17
reference_url https://usn.ubuntu.com/6736-2/
reference_id USN-6736-2
reference_type
scores
url https://usn.ubuntu.com/6736-2/
fixed_packages
0
url pkg:deb/debian/rsync@3.1.3-6
purl pkg:deb/debian/rsync@3.1.3-6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2c6b-ufgq-fbcw
1
vulnerability VCID-6zwq-zvsq-rfda
2
vulnerability VCID-be1r-cmk6-dyb9
3
vulnerability VCID-c97r-cqv2-r3h4
4
vulnerability VCID-f9zn-2jhn-jqg4
5
vulnerability VCID-nh72-az7j-wqde
6
vulnerability VCID-rt4a-vn86-vfd1
7
vulnerability VCID-rub5-mpqy-qke8
8
vulnerability VCID-vfqu-z1s4-mfa2
9
vulnerability VCID-wc4u-jz1n-eff9
10
vulnerability VCID-yamy-3z1h-kqaf
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.1.3-6
aliases CVE-2016-9841
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jrfy-z2we-n7cz
16
url VCID-kxm2-1khw-suaq
vulnerability_id VCID-kxm2-1khw-suaq
summary multiple issues
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16548.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16548.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-16548
reference_id
reference_type
scores
0
value 0.03341
scoring_system epss
scoring_elements 0.87526
published_at 2026-06-04T12:55:00Z
1
value 0.03341
scoring_system epss
scoring_elements 0.87543
published_at 2026-06-08T12:55:00Z
2
value 0.03341
scoring_system epss
scoring_elements 0.87545
published_at 2026-06-06T12:55:00Z
3
value 0.03341
scoring_system epss
scoring_elements 0.87544
published_at 2026-06-07T12:55:00Z
4
value 0.03341
scoring_system epss
scoring_elements 0.87547
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-16548
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16548
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16548
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17433
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17433
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17434
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17434
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1511411
reference_id 1511411
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1511411
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=880954
reference_id 880954
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=880954
8
reference_url https://security.archlinux.org/ASA-201801-21
reference_id ASA-201801-21
reference_type
scores
url https://security.archlinux.org/ASA-201801-21
9
reference_url https://security.archlinux.org/AVG-542
reference_id AVG-542
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-542
10
reference_url https://security.gentoo.org/glsa/201801-16
reference_id GLSA-201801-16
reference_type
scores
url https://security.gentoo.org/glsa/201801-16
11
reference_url https://usn.ubuntu.com/3543-1/
reference_id USN-3543-1
reference_type
scores
url https://usn.ubuntu.com/3543-1/
12
reference_url https://usn.ubuntu.com/3543-2/
reference_id USN-3543-2
reference_type
scores
url https://usn.ubuntu.com/3543-2/
fixed_packages
0
url pkg:deb/debian/rsync@3.1.1-3%2Bdeb8u1
purl pkg:deb/debian/rsync@3.1.1-3%2Bdeb8u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29gg-j4vp-7bef
1
vulnerability VCID-2c6b-ufgq-fbcw
2
vulnerability VCID-6j5d-25zc-r7es
3
vulnerability VCID-6zwq-zvsq-rfda
4
vulnerability VCID-ay5s-4hr1-8qe5
5
vulnerability VCID-be1r-cmk6-dyb9
6
vulnerability VCID-bvzk-j9h5-zkem
7
vulnerability VCID-c97r-cqv2-r3h4
8
vulnerability VCID-f9zn-2jhn-jqg4
9
vulnerability VCID-jrfy-z2we-n7cz
10
vulnerability VCID-kxm2-1khw-suaq
11
vulnerability VCID-nh72-az7j-wqde
12
vulnerability VCID-rt4a-vn86-vfd1
13
vulnerability VCID-rub5-mpqy-qke8
14
vulnerability VCID-tm8c-43cn-3fa4
15
vulnerability VCID-uaqx-g92v-sbdh
16
vulnerability VCID-vfqu-z1s4-mfa2
17
vulnerability VCID-wc4u-jz1n-eff9
18
vulnerability VCID-yamy-3z1h-kqaf
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.1.1-3%252Bdeb8u1
1
url pkg:deb/debian/rsync@3.1.2-1%2Bdeb9u2
purl pkg:deb/debian/rsync@3.1.2-1%2Bdeb9u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29gg-j4vp-7bef
1
vulnerability VCID-2c6b-ufgq-fbcw
2
vulnerability VCID-6j5d-25zc-r7es
3
vulnerability VCID-6zwq-zvsq-rfda
4
vulnerability VCID-ay5s-4hr1-8qe5
5
vulnerability VCID-be1r-cmk6-dyb9
6
vulnerability VCID-bvzk-j9h5-zkem
7
vulnerability VCID-c97r-cqv2-r3h4
8
vulnerability VCID-f9zn-2jhn-jqg4
9
vulnerability VCID-jrfy-z2we-n7cz
10
vulnerability VCID-kxm2-1khw-suaq
11
vulnerability VCID-nh72-az7j-wqde
12
vulnerability VCID-rt4a-vn86-vfd1
13
vulnerability VCID-rub5-mpqy-qke8
14
vulnerability VCID-tm8c-43cn-3fa4
15
vulnerability VCID-uaqx-g92v-sbdh
16
vulnerability VCID-vfqu-z1s4-mfa2
17
vulnerability VCID-wc4u-jz1n-eff9
18
vulnerability VCID-yamy-3z1h-kqaf
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.1.2-1%252Bdeb9u2
2
url pkg:deb/debian/rsync@3.1.3-6
purl pkg:deb/debian/rsync@3.1.3-6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2c6b-ufgq-fbcw
1
vulnerability VCID-6zwq-zvsq-rfda
2
vulnerability VCID-be1r-cmk6-dyb9
3
vulnerability VCID-c97r-cqv2-r3h4
4
vulnerability VCID-f9zn-2jhn-jqg4
5
vulnerability VCID-nh72-az7j-wqde
6
vulnerability VCID-rt4a-vn86-vfd1
7
vulnerability VCID-rub5-mpqy-qke8
8
vulnerability VCID-vfqu-z1s4-mfa2
9
vulnerability VCID-wc4u-jz1n-eff9
10
vulnerability VCID-yamy-3z1h-kqaf
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.1.3-6
aliases CVE-2017-16548
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kxm2-1khw-suaq
17
url VCID-mwde-7pds-33c5
vulnerability_id VCID-mwde-7pds-33c5
summary The check_secret function in authenticate.c in rsync 3.1.0 and earlier allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a user name which does not exist in the secrets file.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2855.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2855.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-2855
reference_id
reference_type
scores
0
value 0.17189
scoring_system epss
scoring_elements 0.95143
published_at 2026-06-04T12:55:00Z
1
value 0.17189
scoring_system epss
scoring_elements 0.95151
published_at 2026-06-05T12:55:00Z
2
value 0.17189
scoring_system epss
scoring_elements 0.95152
published_at 2026-06-06T12:55:00Z
3
value 0.17189
scoring_system epss
scoring_elements 0.95154
published_at 2026-06-07T12:55:00Z
4
value 0.17189
scoring_system epss
scoring_elements 0.95153
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-2855
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2855
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2855
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1087841
reference_id 1087841
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1087841
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=744791
reference_id 744791
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=744791
5
reference_url https://usn.ubuntu.com/2171-1/
reference_id USN-2171-1
reference_type
scores
url https://usn.ubuntu.com/2171-1/
fixed_packages
0
url pkg:deb/debian/rsync@3.1.1-3
purl pkg:deb/debian/rsync@3.1.1-3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29gg-j4vp-7bef
1
vulnerability VCID-2c6b-ufgq-fbcw
2
vulnerability VCID-6j5d-25zc-r7es
3
vulnerability VCID-6zwq-zvsq-rfda
4
vulnerability VCID-ay5s-4hr1-8qe5
5
vulnerability VCID-be1r-cmk6-dyb9
6
vulnerability VCID-bvzk-j9h5-zkem
7
vulnerability VCID-c97r-cqv2-r3h4
8
vulnerability VCID-f9zn-2jhn-jqg4
9
vulnerability VCID-jrfy-z2we-n7cz
10
vulnerability VCID-kxm2-1khw-suaq
11
vulnerability VCID-nh72-az7j-wqde
12
vulnerability VCID-rt4a-vn86-vfd1
13
vulnerability VCID-rub5-mpqy-qke8
14
vulnerability VCID-tm8c-43cn-3fa4
15
vulnerability VCID-uaqx-g92v-sbdh
16
vulnerability VCID-vfqu-z1s4-mfa2
17
vulnerability VCID-wc4u-jz1n-eff9
18
vulnerability VCID-yamy-3z1h-kqaf
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.1.1-3
aliases CVE-2014-2855
risk_score 0.1
exploitability 0.5
weighted_severity 0.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mwde-7pds-33c5
18
url VCID-nh72-az7j-wqde
vulnerability_id VCID-nh72-az7j-wqde
summary multiple issues
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12747.json
reference_id
reference_type
scores
0
value 5.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12747.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-12747
reference_id
reference_type
scores
0
value 0.00011
scoring_system epss
scoring_elements 0.01457
published_at 2026-06-08T12:55:00Z
1
value 0.00011
scoring_system epss
scoring_elements 0.01455
published_at 2026-06-05T12:55:00Z
2
value 0.00011
scoring_system epss
scoring_elements 0.01463
published_at 2026-06-06T12:55:00Z
3
value 0.00011
scoring_system epss
scoring_elements 0.01465
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-12747
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12747
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12747
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2332968
reference_id 2332968
reference_type
scores
0
value 5.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-14T18:38:10Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2332968
5
reference_url https://kb.cert.org/vuls/id/952657
reference_id 952657
reference_type
scores
0
value 5.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-14T18:38:10Z/
url https://kb.cert.org/vuls/id/952657
6
reference_url https://security.archlinux.org/ASA-202501-1
reference_id ASA-202501-1
reference_type
scores
url https://security.archlinux.org/ASA-202501-1
7
reference_url https://security.archlinux.org/AVG-2858
reference_id AVG-2858
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2858
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:1.14::el9
reference_id cpe:/a:redhat:discovery:1.14::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:1.14::el9
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
reference_id cpe:/a:redhat:enterprise_linux:9::appstream
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
reference_id cpe:/a:redhat:openshift:4
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0
reference_id cpe:/o:redhat:enterprise_linux:10.0
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos
reference_id cpe:/o:redhat:enterprise_linux:8::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
reference_id cpe:/o:redhat:enterprise_linux:9::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
16
reference_url https://access.redhat.com/security/cve/CVE-2024-12747
reference_id CVE-2024-12747
reference_type
scores
0
value 5.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-14T18:38:10Z/
url https://access.redhat.com/security/cve/CVE-2024-12747
17
reference_url https://security.gentoo.org/glsa/202501-01
reference_id GLSA-202501-01
reference_type
scores
url https://security.gentoo.org/glsa/202501-01
18
reference_url https://access.redhat.com/errata/RHBA-2025:6470
reference_id RHBA-2025:6470
reference_type
scores
0
value 5.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-14T18:38:10Z/
url https://access.redhat.com/errata/RHBA-2025:6470
19
reference_url https://access.redhat.com/errata/RHSA-2025:2600
reference_id RHSA-2025:2600
reference_type
scores
0
value 5.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-14T18:38:10Z/
url https://access.redhat.com/errata/RHSA-2025:2600
20
reference_url https://access.redhat.com/errata/RHSA-2025:7050
reference_id RHSA-2025:7050
reference_type
scores
0
value 5.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-14T18:38:10Z/
url https://access.redhat.com/errata/RHSA-2025:7050
21
reference_url https://access.redhat.com/errata/RHSA-2025:8385
reference_id RHSA-2025:8385
reference_type
scores
0
value 5.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-14T18:38:10Z/
url https://access.redhat.com/errata/RHSA-2025:8385
22
reference_url https://usn.ubuntu.com/7206-1/
reference_id USN-7206-1
reference_type
scores
url https://usn.ubuntu.com/7206-1/
23
reference_url https://usn.ubuntu.com/7206-3/
reference_id USN-7206-3
reference_type
scores
url https://usn.ubuntu.com/7206-3/
fixed_packages
0
url pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4
purl pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7w3c-s3ph-v7fk
1
vulnerability VCID-eyj3-gsf2-u7c5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.7-1%252Bdeb12u4
aliases CVE-2024-12747
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nh72-az7j-wqde
19
url VCID-rt4a-vn86-vfd1
vulnerability_id VCID-rt4a-vn86-vfd1
summary multiple issues
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12088.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12088.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-12088
reference_id
reference_type
scores
0
value 0.0247
scoring_system epss
scoring_elements 0.85555
published_at 2026-06-08T12:55:00Z
1
value 0.0247
scoring_system epss
scoring_elements 0.85568
published_at 2026-06-05T12:55:00Z
2
value 0.0247
scoring_system epss
scoring_elements 0.85573
published_at 2026-06-06T12:55:00Z
3
value 0.0247
scoring_system epss
scoring_elements 0.8557
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-12088
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12088
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12088
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2330676
reference_id 2330676
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T14:13:08Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2330676
5
reference_url https://kb.cert.org/vuls/id/952657
reference_id 952657
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T14:13:08Z/
url https://kb.cert.org/vuls/id/952657
6
reference_url https://security.archlinux.org/ASA-202501-1
reference_id ASA-202501-1
reference_type
scores
url https://security.archlinux.org/ASA-202501-1
7
reference_url https://security.archlinux.org/AVG-2858
reference_id AVG-2858
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2858
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:1.14::el9
reference_id cpe:/a:redhat:discovery:1.14::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:1.14::el9
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
reference_id cpe:/a:redhat:enterprise_linux:9::appstream
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
reference_id cpe:/a:redhat:openshift:4
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0
reference_id cpe:/o:redhat:enterprise_linux:10.0
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos
reference_id cpe:/o:redhat:enterprise_linux:8::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
reference_id cpe:/o:redhat:enterprise_linux:9::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
16
reference_url https://access.redhat.com/security/cve/CVE-2024-12088
reference_id CVE-2024-12088
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T14:13:08Z/
url https://access.redhat.com/security/cve/CVE-2024-12088
17
reference_url https://security.gentoo.org/glsa/202501-01
reference_id GLSA-202501-01
reference_type
scores
url https://security.gentoo.org/glsa/202501-01
18
reference_url https://access.redhat.com/errata/RHBA-2025:6470
reference_id RHBA-2025:6470
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T14:13:08Z/
url https://access.redhat.com/errata/RHBA-2025:6470
19
reference_url https://access.redhat.com/errata/RHSA-2025:2600
reference_id RHSA-2025:2600
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T14:13:08Z/
url https://access.redhat.com/errata/RHSA-2025:2600
20
reference_url https://access.redhat.com/errata/RHSA-2025:7050
reference_id RHSA-2025:7050
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T14:13:08Z/
url https://access.redhat.com/errata/RHSA-2025:7050
21
reference_url https://access.redhat.com/errata/RHSA-2025:8385
reference_id RHSA-2025:8385
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T14:13:08Z/
url https://access.redhat.com/errata/RHSA-2025:8385
22
reference_url https://usn.ubuntu.com/7206-1/
reference_id USN-7206-1
reference_type
scores
url https://usn.ubuntu.com/7206-1/
23
reference_url https://usn.ubuntu.com/7206-3/
reference_id USN-7206-3
reference_type
scores
url https://usn.ubuntu.com/7206-3/
fixed_packages
0
url pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4
purl pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7w3c-s3ph-v7fk
1
vulnerability VCID-eyj3-gsf2-u7c5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.7-1%252Bdeb12u4
aliases CVE-2024-12088
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rt4a-vn86-vfd1
20
url VCID-rub5-mpqy-qke8
vulnerability_id VCID-rub5-mpqy-qke8
summary multiple issues
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12086.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12086.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-12086
reference_id
reference_type
scores
0
value 0.01913
scoring_system epss
scoring_elements 0.8365
published_at 2026-06-08T12:55:00Z
1
value 0.01913
scoring_system epss
scoring_elements 0.8366
published_at 2026-06-05T12:55:00Z
2
value 0.01913
scoring_system epss
scoring_elements 0.83661
published_at 2026-06-06T12:55:00Z
3
value 0.01913
scoring_system epss
scoring_elements 0.83657
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-12086
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12086
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12086
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2330577
reference_id 2330577
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T14:14:25Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2330577
5
reference_url https://kb.cert.org/vuls/id/952657
reference_id 952657
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T14:14:25Z/
url https://kb.cert.org/vuls/id/952657
6
reference_url https://security.archlinux.org/ASA-202501-1
reference_id ASA-202501-1
reference_type
scores
url https://security.archlinux.org/ASA-202501-1
7
reference_url https://security.archlinux.org/AVG-2858
reference_id AVG-2858
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2858
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
reference_id cpe:/a:redhat:enterprise_linux:9::appstream
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
reference_id cpe:/a:redhat:openshift:4
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.6::appstream
reference_id cpe:/a:redhat:rhel_eus:9.6::appstream
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.6::appstream
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0
reference_id cpe:/o:redhat:enterprise_linux:10.0
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
reference_id cpe:/o:redhat:enterprise_linux:9::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.6::baseos
reference_id cpe:/o:redhat:rhel_eus:9.6::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.6::baseos
17
reference_url https://access.redhat.com/security/cve/CVE-2024-12086
reference_id CVE-2024-12086
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T14:14:25Z/
url https://access.redhat.com/security/cve/CVE-2024-12086
18
reference_url https://security.gentoo.org/glsa/202501-01
reference_id GLSA-202501-01
reference_type
scores
url https://security.gentoo.org/glsa/202501-01
19
reference_url https://access.redhat.com/errata/RHBA-2025:6470
reference_id RHBA-2025:6470
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T14:14:25Z/
url https://access.redhat.com/errata/RHBA-2025:6470
20
reference_url https://access.redhat.com/errata/RHSA-2026:19368
reference_id RHSA-2026:19368
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T14:14:25Z/
url https://access.redhat.com/errata/RHSA-2026:19368
21
reference_url https://access.redhat.com/errata/RHSA-2026:20603
reference_id RHSA-2026:20603
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T14:14:25Z/
url https://access.redhat.com/errata/RHSA-2026:20603
22
reference_url https://usn.ubuntu.com/7206-1/
reference_id USN-7206-1
reference_type
scores
url https://usn.ubuntu.com/7206-1/
23
reference_url https://usn.ubuntu.com/7206-3/
reference_id USN-7206-3
reference_type
scores
url https://usn.ubuntu.com/7206-3/
fixed_packages
0
url pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4
purl pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7w3c-s3ph-v7fk
1
vulnerability VCID-eyj3-gsf2-u7c5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.7-1%252Bdeb12u4
aliases CVE-2024-12086
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rub5-mpqy-qke8
21
url VCID-shem-sbrm-mba8
vulnerability_id VCID-shem-sbrm-mba8
summary Buffer overflow in the open_socket_out function in socket.c for rsync 2.5.7 and earlier allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long RSYNC_PROXY environment variable. NOTE: since rsync is not setuid, this issue does not provide any additional privileges beyond those that are already available to the user. Therefore this issue may be REJECTED in the future.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2004-2093
reference_id
reference_type
scores
0
value 0.00728
scoring_system epss
scoring_elements 0.73002
published_at 2026-06-04T12:55:00Z
1
value 0.00728
scoring_system epss
scoring_elements 0.7304
published_at 2026-06-05T12:55:00Z
2
value 0.00728
scoring_system epss
scoring_elements 0.73046
published_at 2026-06-06T12:55:00Z
3
value 0.00728
scoring_system epss
scoring_elements 0.7303
published_at 2026-06-07T12:55:00Z
4
value 0.00728
scoring_system epss
scoring_elements 0.73017
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2004-2093
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2093
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2093
2
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/152.c
reference_id OSVDB-45182;CVE-2004-2093
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/152.c
fixed_packages
0
url pkg:deb/debian/rsync@2.6.4-6
purl pkg:deb/debian/rsync@2.6.4-6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29gg-j4vp-7bef
1
vulnerability VCID-2c6b-ufgq-fbcw
2
vulnerability VCID-3nrj-48zt-8yf7
3
vulnerability VCID-556m-a6vw-3bfj
4
vulnerability VCID-56vk-3vsy-nkef
5
vulnerability VCID-6j5d-25zc-r7es
6
vulnerability VCID-6neq-h9yq-8fep
7
vulnerability VCID-6zwq-zvsq-rfda
8
vulnerability VCID-ay5s-4hr1-8qe5
9
vulnerability VCID-be1r-cmk6-dyb9
10
vulnerability VCID-bvzk-j9h5-zkem
11
vulnerability VCID-c97r-cqv2-r3h4
12
vulnerability VCID-f9zn-2jhn-jqg4
13
vulnerability VCID-jrfy-z2we-n7cz
14
vulnerability VCID-kxm2-1khw-suaq
15
vulnerability VCID-mwde-7pds-33c5
16
vulnerability VCID-nh72-az7j-wqde
17
vulnerability VCID-rt4a-vn86-vfd1
18
vulnerability VCID-rub5-mpqy-qke8
19
vulnerability VCID-tm8c-43cn-3fa4
20
vulnerability VCID-twpz-szrq-4ug3
21
vulnerability VCID-uaqx-g92v-sbdh
22
vulnerability VCID-vfqu-z1s4-mfa2
23
vulnerability VCID-w5qp-r7dz-h7fk
24
vulnerability VCID-wc4u-jz1n-eff9
25
vulnerability VCID-x81r-ud9r-8ybd
26
vulnerability VCID-yamy-3z1h-kqaf
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@2.6.4-6
aliases CVE-2004-2093
risk_score null
exploitability 2.0
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-shem-sbrm-mba8
22
url VCID-syr4-38sr-5ye2
vulnerability_id VCID-syr4-38sr-5ye2
summary Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0962.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0962.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2003-0962
reference_id
reference_type
scores
0
value 0.44259
scoring_system epss
scoring_elements 0.97621
published_at 2026-06-04T12:55:00Z
1
value 0.44259
scoring_system epss
scoring_elements 0.97624
published_at 2026-06-05T12:55:00Z
2
value 0.44259
scoring_system epss
scoring_elements 0.97626
published_at 2026-06-07T12:55:00Z
3
value 0.44259
scoring_system epss
scoring_elements 0.97627
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2003-0962
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0962
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0962
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1617105
reference_id 1617105
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1617105
4
reference_url https://access.redhat.com/errata/RHSA-2003:398
reference_id RHSA-2003:398
reference_type
scores
url https://access.redhat.com/errata/RHSA-2003:398
5
reference_url https://access.redhat.com/errata/RHSA-2003:399
reference_id RHSA-2003:399
reference_type
scores
url https://access.redhat.com/errata/RHSA-2003:399
fixed_packages
0
url pkg:deb/debian/rsync@2.6.4-6
purl pkg:deb/debian/rsync@2.6.4-6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29gg-j4vp-7bef
1
vulnerability VCID-2c6b-ufgq-fbcw
2
vulnerability VCID-3nrj-48zt-8yf7
3
vulnerability VCID-556m-a6vw-3bfj
4
vulnerability VCID-56vk-3vsy-nkef
5
vulnerability VCID-6j5d-25zc-r7es
6
vulnerability VCID-6neq-h9yq-8fep
7
vulnerability VCID-6zwq-zvsq-rfda
8
vulnerability VCID-ay5s-4hr1-8qe5
9
vulnerability VCID-be1r-cmk6-dyb9
10
vulnerability VCID-bvzk-j9h5-zkem
11
vulnerability VCID-c97r-cqv2-r3h4
12
vulnerability VCID-f9zn-2jhn-jqg4
13
vulnerability VCID-jrfy-z2we-n7cz
14
vulnerability VCID-kxm2-1khw-suaq
15
vulnerability VCID-mwde-7pds-33c5
16
vulnerability VCID-nh72-az7j-wqde
17
vulnerability VCID-rt4a-vn86-vfd1
18
vulnerability VCID-rub5-mpqy-qke8
19
vulnerability VCID-tm8c-43cn-3fa4
20
vulnerability VCID-twpz-szrq-4ug3
21
vulnerability VCID-uaqx-g92v-sbdh
22
vulnerability VCID-vfqu-z1s4-mfa2
23
vulnerability VCID-w5qp-r7dz-h7fk
24
vulnerability VCID-wc4u-jz1n-eff9
25
vulnerability VCID-x81r-ud9r-8ybd
26
vulnerability VCID-yamy-3z1h-kqaf
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@2.6.4-6
aliases CVE-2003-0962
risk_score 0.2
exploitability 0.5
weighted_severity 0.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-syr4-38sr-5ye2
23
url VCID-tm8c-43cn-3fa4
vulnerability_id VCID-tm8c-43cn-3fa4
summary inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9840.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9840.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9840
reference_id
reference_type
scores
0
value 0.09831
scoring_system epss
scoring_elements 0.93124
published_at 2026-06-08T12:55:00Z
1
value 0.09831
scoring_system epss
scoring_elements 0.93129
published_at 2026-06-06T12:55:00Z
2
value 0.09831
scoring_system epss
scoring_elements 0.93126
published_at 2026-06-07T12:55:00Z
3
value 0.12517
scoring_system epss
scoring_elements 0.9407
published_at 2026-06-05T12:55:00Z
4
value 0.12517
scoring_system epss
scoring_elements 0.94062
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9840
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9840
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9840
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:S/C:P/I:P/A:P
1
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1402345
reference_id 1402345
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1402345
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847270
reference_id 847270
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847270
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924509
reference_id 924509
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924509
7
reference_url https://security.gentoo.org/glsa/201701-56
reference_id GLSA-201701-56
reference_type
scores
url https://security.gentoo.org/glsa/201701-56
8
reference_url https://security.gentoo.org/glsa/202007-54
reference_id GLSA-202007-54
reference_type
scores
url https://security.gentoo.org/glsa/202007-54
9
reference_url https://access.redhat.com/errata/RHSA-2017:1220
reference_id RHSA-2017:1220
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:1220
10
reference_url https://access.redhat.com/errata/RHSA-2017:1221
reference_id RHSA-2017:1221
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:1221
11
reference_url https://access.redhat.com/errata/RHSA-2017:1222
reference_id RHSA-2017:1222
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:1222
12
reference_url https://access.redhat.com/errata/RHSA-2017:2999
reference_id RHSA-2017:2999
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2999
13
reference_url https://access.redhat.com/errata/RHSA-2017:3046
reference_id RHSA-2017:3046
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3046
14
reference_url https://access.redhat.com/errata/RHSA-2017:3047
reference_id RHSA-2017:3047
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3047
15
reference_url https://access.redhat.com/errata/RHSA-2017:3453
reference_id RHSA-2017:3453
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3453
16
reference_url https://access.redhat.com/errata/RHSA-2025:10541
reference_id RHSA-2025:10541
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:10541
17
reference_url https://access.redhat.com/errata/RHSA-2025:11048
reference_id RHSA-2025:11048
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11048
18
reference_url https://access.redhat.com/errata/RHSA-2025:12013
reference_id RHSA-2025:12013
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:12013
19
reference_url https://access.redhat.com/errata/RHSA-2025:13947
reference_id RHSA-2025:13947
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:13947
20
reference_url https://access.redhat.com/errata/RHSA-2025:8280
reference_id RHSA-2025:8280
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8280
21
reference_url https://access.redhat.com/errata/RHSA-2025:8284
reference_id RHSA-2025:8284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8284
22
reference_url https://access.redhat.com/errata/RHSA-2025:8314
reference_id RHSA-2025:8314
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8314
23
reference_url https://access.redhat.com/errata/RHSA-2025:8395
reference_id RHSA-2025:8395
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8395
24
reference_url https://usn.ubuntu.com/6736-1/
reference_id USN-6736-1
reference_type
scores
url https://usn.ubuntu.com/6736-1/
25
reference_url https://usn.ubuntu.com/6736-2/
reference_id USN-6736-2
reference_type
scores
url https://usn.ubuntu.com/6736-2/
fixed_packages
0
url pkg:deb/debian/rsync@3.1.3-6
purl pkg:deb/debian/rsync@3.1.3-6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2c6b-ufgq-fbcw
1
vulnerability VCID-6zwq-zvsq-rfda
2
vulnerability VCID-be1r-cmk6-dyb9
3
vulnerability VCID-c97r-cqv2-r3h4
4
vulnerability VCID-f9zn-2jhn-jqg4
5
vulnerability VCID-nh72-az7j-wqde
6
vulnerability VCID-rt4a-vn86-vfd1
7
vulnerability VCID-rub5-mpqy-qke8
8
vulnerability VCID-vfqu-z1s4-mfa2
9
vulnerability VCID-wc4u-jz1n-eff9
10
vulnerability VCID-yamy-3z1h-kqaf
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.1.3-6
aliases CVE-2016-9840
risk_score 4.0
exploitability 0.5
weighted_severity 7.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tm8c-43cn-3fa4
24
url VCID-twpz-szrq-4ug3
vulnerability_id VCID-twpz-szrq-4ug3
summary Buffer overflow in rsync 2.6.9 to 3.0.1, with extended attribute (xattr) support enabled, might allow remote attackers to execute arbitrary code via unknown vectors.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1720.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1720.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2008-1720
reference_id
reference_type
scores
0
value 0.08442
scoring_system epss
scoring_elements 0.92489
published_at 2026-06-04T12:55:00Z
1
value 0.08442
scoring_system epss
scoring_elements 0.92502
published_at 2026-06-05T12:55:00Z
2
value 0.08442
scoring_system epss
scoring_elements 0.92497
published_at 2026-06-06T12:55:00Z
3
value 0.08442
scoring_system epss
scoring_elements 0.92492
published_at 2026-06-07T12:55:00Z
4
value 0.08442
scoring_system epss
scoring_elements 0.92491
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2008-1720
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1720
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1720
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=441683
reference_id 441683
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=441683
4
reference_url https://security.gentoo.org/glsa/200804-16
reference_id GLSA-200804-16
reference_type
scores
url https://security.gentoo.org/glsa/200804-16
5
reference_url https://usn.ubuntu.com/600-1/
reference_id USN-600-1
reference_type
scores
url https://usn.ubuntu.com/600-1/
fixed_packages
0
url pkg:deb/debian/rsync@3.0.3-2
purl pkg:deb/debian/rsync@3.0.3-2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29gg-j4vp-7bef
1
vulnerability VCID-2c6b-ufgq-fbcw
2
vulnerability VCID-3nrj-48zt-8yf7
3
vulnerability VCID-6j5d-25zc-r7es
4
vulnerability VCID-6zwq-zvsq-rfda
5
vulnerability VCID-ay5s-4hr1-8qe5
6
vulnerability VCID-be1r-cmk6-dyb9
7
vulnerability VCID-bvzk-j9h5-zkem
8
vulnerability VCID-c97r-cqv2-r3h4
9
vulnerability VCID-f9zn-2jhn-jqg4
10
vulnerability VCID-jrfy-z2we-n7cz
11
vulnerability VCID-kxm2-1khw-suaq
12
vulnerability VCID-mwde-7pds-33c5
13
vulnerability VCID-nh72-az7j-wqde
14
vulnerability VCID-rt4a-vn86-vfd1
15
vulnerability VCID-rub5-mpqy-qke8
16
vulnerability VCID-tm8c-43cn-3fa4
17
vulnerability VCID-uaqx-g92v-sbdh
18
vulnerability VCID-vfqu-z1s4-mfa2
19
vulnerability VCID-wc4u-jz1n-eff9
20
vulnerability VCID-x81r-ud9r-8ybd
21
vulnerability VCID-yamy-3z1h-kqaf
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.0.3-2
aliases CVE-2008-1720
risk_score 0.1
exploitability 0.5
weighted_severity 0.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-twpz-szrq-4ug3
25
url VCID-uaqx-g92v-sbdh
vulnerability_id VCID-uaqx-g92v-sbdh
summary The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9843.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9843.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9843
reference_id
reference_type
scores
0
value 0.13502
scoring_system epss
scoring_elements 0.94357
published_at 2026-06-06T12:55:00Z
1
value 0.13502
scoring_system epss
scoring_elements 0.94358
published_at 2026-06-08T12:55:00Z
2
value 0.15071
scoring_system epss
scoring_elements 0.94704
published_at 2026-06-04T12:55:00Z
3
value 0.16958
scoring_system epss
scoring_elements 0.95102
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9843
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9843
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9843
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:S/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1402351
reference_id 1402351
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1402351
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847275
reference_id 847275
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847275
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924509
reference_id 924509
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924509
7
reference_url https://security.gentoo.org/glsa/201701-56
reference_id GLSA-201701-56
reference_type
scores
url https://security.gentoo.org/glsa/201701-56
8
reference_url https://security.gentoo.org/glsa/202007-54
reference_id GLSA-202007-54
reference_type
scores
url https://security.gentoo.org/glsa/202007-54
9
reference_url https://access.redhat.com/errata/RHSA-2017:1220
reference_id RHSA-2017:1220
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:1220
10
reference_url https://access.redhat.com/errata/RHSA-2017:1221
reference_id RHSA-2017:1221
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:1221
11
reference_url https://access.redhat.com/errata/RHSA-2017:1222
reference_id RHSA-2017:1222
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:1222
12
reference_url https://access.redhat.com/errata/RHSA-2017:2999
reference_id RHSA-2017:2999
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2999
13
reference_url https://access.redhat.com/errata/RHSA-2017:3046
reference_id RHSA-2017:3046
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3046
14
reference_url https://access.redhat.com/errata/RHSA-2017:3047
reference_id RHSA-2017:3047
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3047
15
reference_url https://access.redhat.com/errata/RHSA-2017:3453
reference_id RHSA-2017:3453
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3453
16
reference_url https://usn.ubuntu.com/7959-1/
reference_id USN-7959-1
reference_type
scores
url https://usn.ubuntu.com/7959-1/
fixed_packages
0
url pkg:deb/debian/rsync@3.1.3-6
purl pkg:deb/debian/rsync@3.1.3-6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2c6b-ufgq-fbcw
1
vulnerability VCID-6zwq-zvsq-rfda
2
vulnerability VCID-be1r-cmk6-dyb9
3
vulnerability VCID-c97r-cqv2-r3h4
4
vulnerability VCID-f9zn-2jhn-jqg4
5
vulnerability VCID-nh72-az7j-wqde
6
vulnerability VCID-rt4a-vn86-vfd1
7
vulnerability VCID-rub5-mpqy-qke8
8
vulnerability VCID-vfqu-z1s4-mfa2
9
vulnerability VCID-wc4u-jz1n-eff9
10
vulnerability VCID-yamy-3z1h-kqaf
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.1.3-6
aliases CVE-2016-9843
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uaqx-g92v-sbdh
26
url VCID-vfqu-z1s4-mfa2
vulnerability_id VCID-vfqu-z1s4-mfa2
summary rsync: rsync: Remote Denial of Service via Out-of-bounds Read
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43620.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43620.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-43620
reference_id
reference_type
scores
0
value 0.00017
scoring_system epss
scoring_elements 0.04182
published_at 2026-06-08T12:55:00Z
1
value 0.00017
scoring_system epss
scoring_elements 0.0422
published_at 2026-06-05T12:55:00Z
2
value 0.00017
scoring_system epss
scoring_elements 0.04219
published_at 2026-06-06T12:55:00Z
3
value 0.00017
scoring_system epss
scoring_elements 0.04208
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-43620
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-43620
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-43620
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2469057
reference_id 2469057
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2469057
5
reference_url https://github.com/RsyncProject/rsync/security/advisories/GHSA-28pw-r563-rxvm
reference_id GHSA-28pw-r563-rxvm
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-20T14:11:42Z/
url https://github.com/RsyncProject/rsync/security/advisories/GHSA-28pw-r563-rxvm
6
reference_url https://www.vulncheck.com/advisories/rsync-out-of-bounds-array-read-via-recv-files
reference_id rsync-out-of-bounds-array-read-via-recv-files
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-20T14:11:42Z/
url https://www.vulncheck.com/advisories/rsync-out-of-bounds-array-read-via-recv-files
7
reference_url https://usn.ubuntu.com/8283-1/
reference_id USN-8283-1
reference_type
scores
url https://usn.ubuntu.com/8283-1/
8
reference_url https://usn.ubuntu.com/8349-1/
reference_id USN-8349-1
reference_type
scores
url https://usn.ubuntu.com/8349-1/
9
reference_url https://github.com/RsyncProject/rsync/releases/tag/v3.4.3
reference_id v3.4.3
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-20T14:11:42Z/
url https://github.com/RsyncProject/rsync/releases/tag/v3.4.3
fixed_packages
0
url pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4
purl pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7w3c-s3ph-v7fk
1
vulnerability VCID-eyj3-gsf2-u7c5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.7-1%252Bdeb12u4
aliases CVE-2026-43620
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vfqu-z1s4-mfa2
27
url VCID-w5qp-r7dz-h7fk
vulnerability_id VCID-w5qp-r7dz-h7fk
summary Unspecified vulnerability in rsync before 3.0.0pre6, when running a writable rsync daemon, allows remote attackers to bypass exclude, exclude_from, and filter and read or write hidden files via (1) symlink, (2) partial-dir, (3) backup-dir, and unspecified (4) dest options.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6200.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6200.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-6200
reference_id
reference_type
scores
0
value 0.02314
scoring_system epss
scoring_elements 0.85074
published_at 2026-06-04T12:55:00Z
1
value 0.02314
scoring_system epss
scoring_elements 0.85098
published_at 2026-06-05T12:55:00Z
2
value 0.02314
scoring_system epss
scoring_elements 0.85102
published_at 2026-06-06T12:55:00Z
3
value 0.02314
scoring_system epss
scoring_elements 0.85096
published_at 2026-06-07T12:55:00Z
4
value 0.02314
scoring_system epss
scoring_elements 0.85086
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-6200
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6200
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6200
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=407171
reference_id 407171
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=407171
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=453652
reference_id 453652
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=453652
5
reference_url https://access.redhat.com/errata/RHSA-2011:0999
reference_id RHSA-2011:0999
reference_type
scores
url https://access.redhat.com/errata/RHSA-2011:0999
fixed_packages
0
url pkg:deb/debian/rsync@3.0.3-2
purl pkg:deb/debian/rsync@3.0.3-2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29gg-j4vp-7bef
1
vulnerability VCID-2c6b-ufgq-fbcw
2
vulnerability VCID-3nrj-48zt-8yf7
3
vulnerability VCID-6j5d-25zc-r7es
4
vulnerability VCID-6zwq-zvsq-rfda
5
vulnerability VCID-ay5s-4hr1-8qe5
6
vulnerability VCID-be1r-cmk6-dyb9
7
vulnerability VCID-bvzk-j9h5-zkem
8
vulnerability VCID-c97r-cqv2-r3h4
9
vulnerability VCID-f9zn-2jhn-jqg4
10
vulnerability VCID-jrfy-z2we-n7cz
11
vulnerability VCID-kxm2-1khw-suaq
12
vulnerability VCID-mwde-7pds-33c5
13
vulnerability VCID-nh72-az7j-wqde
14
vulnerability VCID-rt4a-vn86-vfd1
15
vulnerability VCID-rub5-mpqy-qke8
16
vulnerability VCID-tm8c-43cn-3fa4
17
vulnerability VCID-uaqx-g92v-sbdh
18
vulnerability VCID-vfqu-z1s4-mfa2
19
vulnerability VCID-wc4u-jz1n-eff9
20
vulnerability VCID-x81r-ud9r-8ybd
21
vulnerability VCID-yamy-3z1h-kqaf
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.0.3-2
aliases CVE-2007-6200
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w5qp-r7dz-h7fk
28
url VCID-wc4u-jz1n-eff9
vulnerability_id VCID-wc4u-jz1n-eff9
summary rsync: rsync: Remote memory disclosure via integer overflow in compressed-token decoding
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43618.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-43618.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-43618
reference_id
reference_type
scores
0
value 0.00056
scoring_system epss
scoring_elements 0.17846
published_at 2026-06-08T12:55:00Z
1
value 0.00056
scoring_system epss
scoring_elements 0.17961
published_at 2026-06-05T12:55:00Z
2
value 0.00056
scoring_system epss
scoring_elements 0.17958
published_at 2026-06-06T12:55:00Z
3
value 0.00056
scoring_system epss
scoring_elements 0.17921
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-43618
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-43618
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-43618
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2469054
reference_id 2469054
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2469054
5
reference_url https://github.com/RsyncProject/rsync/security/advisories/GHSA-g37v-g3gj-pmwq
reference_id GHSA-g37v-g3gj-pmwq
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
1
value 6.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T13:03:53Z/
url https://github.com/RsyncProject/rsync/security/advisories/GHSA-g37v-g3gj-pmwq
6
reference_url https://www.vulncheck.com/advisories/rsync-integer-overflow-information-disclosure
reference_id rsync-integer-overflow-information-disclosure
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
1
value 6.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T13:03:53Z/
url https://www.vulncheck.com/advisories/rsync-integer-overflow-information-disclosure
7
reference_url https://usn.ubuntu.com/8283-1/
reference_id USN-8283-1
reference_type
scores
url https://usn.ubuntu.com/8283-1/
8
reference_url https://usn.ubuntu.com/8349-1/
reference_id USN-8349-1
reference_type
scores
url https://usn.ubuntu.com/8349-1/
9
reference_url https://github.com/RsyncProject/rsync/releases/tag/v3.4.3
reference_id v3.4.3
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
1
value 6.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-20T13:03:53Z/
url https://github.com/RsyncProject/rsync/releases/tag/v3.4.3
fixed_packages
0
url pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4
purl pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7w3c-s3ph-v7fk
1
vulnerability VCID-eyj3-gsf2-u7c5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.7-1%252Bdeb12u4
aliases CVE-2026-43618
risk_score 3.6
exploitability 0.5
weighted_severity 7.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wc4u-jz1n-eff9
29
url VCID-x81r-ud9r-8ybd
vulnerability_id VCID-x81r-ud9r-8ybd
summary rsync 3.x before 3.0.8, when certain recursion, deletion, and ownership options are used, allows remote rsync servers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via malformed data.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1097.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1097.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-1097
reference_id
reference_type
scores
0
value 0.01623
scoring_system epss
scoring_elements 0.8218
published_at 2026-06-04T12:55:00Z
1
value 0.01623
scoring_system epss
scoring_elements 0.82209
published_at 2026-06-05T12:55:00Z
2
value 0.01623
scoring_system epss
scoring_elements 0.8221
published_at 2026-06-06T12:55:00Z
3
value 0.01623
scoring_system epss
scoring_elements 0.82212
published_at 2026-06-07T12:55:00Z
4
value 0.02186
scoring_system epss
scoring_elements 0.84689
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-1097
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1097
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1097
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=621866
reference_id 621866
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=621866
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=675036
reference_id 675036
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=675036
5
reference_url https://security.gentoo.org/glsa/201412-09
reference_id GLSA-201412-09
reference_type
scores
url https://security.gentoo.org/glsa/201412-09
6
reference_url https://access.redhat.com/errata/RHSA-2011:0390
reference_id RHSA-2011:0390
reference_type
scores
url https://access.redhat.com/errata/RHSA-2011:0390
7
reference_url https://usn.ubuntu.com/1124-1/
reference_id USN-1124-1
reference_type
scores
url https://usn.ubuntu.com/1124-1/
fixed_packages
0
url pkg:deb/debian/rsync@3.0.9-4
purl pkg:deb/debian/rsync@3.0.9-4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-29gg-j4vp-7bef
1
vulnerability VCID-2c6b-ufgq-fbcw
2
vulnerability VCID-3nrj-48zt-8yf7
3
vulnerability VCID-6j5d-25zc-r7es
4
vulnerability VCID-6zwq-zvsq-rfda
5
vulnerability VCID-ay5s-4hr1-8qe5
6
vulnerability VCID-be1r-cmk6-dyb9
7
vulnerability VCID-bvzk-j9h5-zkem
8
vulnerability VCID-c97r-cqv2-r3h4
9
vulnerability VCID-f9zn-2jhn-jqg4
10
vulnerability VCID-jrfy-z2we-n7cz
11
vulnerability VCID-kxm2-1khw-suaq
12
vulnerability VCID-mwde-7pds-33c5
13
vulnerability VCID-nh72-az7j-wqde
14
vulnerability VCID-rt4a-vn86-vfd1
15
vulnerability VCID-rub5-mpqy-qke8
16
vulnerability VCID-tm8c-43cn-3fa4
17
vulnerability VCID-uaqx-g92v-sbdh
18
vulnerability VCID-vfqu-z1s4-mfa2
19
vulnerability VCID-wc4u-jz1n-eff9
20
vulnerability VCID-yamy-3z1h-kqaf
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.0.9-4
aliases CVE-2011-1097
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x81r-ud9r-8ybd
30
url VCID-yamy-3z1h-kqaf
vulnerability_id VCID-yamy-3z1h-kqaf
summary multiple issues
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12087.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12087.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-12087
reference_id
reference_type
scores
0
value 0.03163
scoring_system epss
scoring_elements 0.87174
published_at 2026-06-08T12:55:00Z
1
value 0.03163
scoring_system epss
scoring_elements 0.87184
published_at 2026-06-05T12:55:00Z
2
value 0.03163
scoring_system epss
scoring_elements 0.87181
published_at 2026-06-06T12:55:00Z
3
value 0.03163
scoring_system epss
scoring_elements 0.87178
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-12087
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12087
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12087
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2330672
reference_id 2330672
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T14:12:12Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2330672
5
reference_url https://kb.cert.org/vuls/id/952657
reference_id 952657
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T14:12:12Z/
url https://kb.cert.org/vuls/id/952657
6
reference_url https://security.archlinux.org/ASA-202501-1
reference_id ASA-202501-1
reference_type
scores
url https://security.archlinux.org/ASA-202501-1
7
reference_url https://security.archlinux.org/AVG-2858
reference_id AVG-2858
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2858
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:1.14::el9
reference_id cpe:/a:redhat:discovery:1.14::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:1.14::el9
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
reference_id cpe:/a:redhat:enterprise_linux:9::appstream
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
reference_id cpe:/a:redhat:openshift:4
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream
reference_id cpe:/a:redhat:rhel_e4s:9.0::appstream
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream
reference_id cpe:/a:redhat:rhel_e4s:9.2::appstream
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream
reference_id cpe:/a:redhat:rhel_eus:9.4::appstream
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0
reference_id cpe:/o:redhat:enterprise_linux:10.0
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos
reference_id cpe:/o:redhat:enterprise_linux:8::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
reference_id cpe:/o:redhat:enterprise_linux:9::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos
reference_id cpe:/o:redhat:rhel_aus:8.2::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos
reference_id cpe:/o:redhat:rhel_aus:8.4::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos
reference_id cpe:/o:redhat:rhel_aus:8.6::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos
reference_id cpe:/o:redhat:rhel_e4s:8.6::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos
reference_id cpe:/o:redhat:rhel_e4s:8.8::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos
reference_id cpe:/o:redhat:rhel_e4s:9.0::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos
reference_id cpe:/o:redhat:rhel_e4s:9.2::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6
reference_id cpe:/o:redhat:rhel_els:6
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7
reference_id cpe:/o:redhat:rhel_els:7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos
reference_id cpe:/o:redhat:rhel_eus:9.4::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus_long_life:8.4::baseos
reference_id cpe:/o:redhat:rhel_eus_long_life:8.4::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus_long_life:8.4::baseos
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos
reference_id cpe:/o:redhat:rhel_tus:8.6::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.8::baseos
reference_id cpe:/o:redhat:rhel_tus:8.8::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.8::baseos
30
reference_url https://access.redhat.com/security/cve/CVE-2024-12087
reference_id CVE-2024-12087
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T14:12:12Z/
url https://access.redhat.com/security/cve/CVE-2024-12087
31
reference_url https://security.gentoo.org/glsa/202501-01
reference_id GLSA-202501-01
reference_type
scores
url https://security.gentoo.org/glsa/202501-01
32
reference_url https://access.redhat.com/errata/RHBA-2025:6470
reference_id RHBA-2025:6470
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T14:12:12Z/
url https://access.redhat.com/errata/RHBA-2025:6470
33
reference_url https://access.redhat.com/errata/RHSA-2025:23154
reference_id RHSA-2025:23154
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T14:12:12Z/
url https://access.redhat.com/errata/RHSA-2025:23154
34
reference_url https://access.redhat.com/errata/RHSA-2025:23235
reference_id RHSA-2025:23235
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T14:12:12Z/
url https://access.redhat.com/errata/RHSA-2025:23235
35
reference_url https://access.redhat.com/errata/RHSA-2025:23407
reference_id RHSA-2025:23407
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T14:12:12Z/
url https://access.redhat.com/errata/RHSA-2025:23407
36
reference_url https://access.redhat.com/errata/RHSA-2025:23415
reference_id RHSA-2025:23415
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T14:12:12Z/
url https://access.redhat.com/errata/RHSA-2025:23415
37
reference_url https://access.redhat.com/errata/RHSA-2025:23416
reference_id RHSA-2025:23416
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T14:12:12Z/
url https://access.redhat.com/errata/RHSA-2025:23416
38
reference_url https://access.redhat.com/errata/RHSA-2025:23842
reference_id RHSA-2025:23842
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T14:12:12Z/
url https://access.redhat.com/errata/RHSA-2025:23842
39
reference_url https://access.redhat.com/errata/RHSA-2025:23853
reference_id RHSA-2025:23853
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T14:12:12Z/
url https://access.redhat.com/errata/RHSA-2025:23853
40
reference_url https://access.redhat.com/errata/RHSA-2025:23854
reference_id RHSA-2025:23854
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T14:12:12Z/
url https://access.redhat.com/errata/RHSA-2025:23854
41
reference_url https://access.redhat.com/errata/RHSA-2025:23858
reference_id RHSA-2025:23858
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T14:12:12Z/
url https://access.redhat.com/errata/RHSA-2025:23858
42
reference_url https://access.redhat.com/errata/RHSA-2025:2600
reference_id RHSA-2025:2600
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T14:12:12Z/
url https://access.redhat.com/errata/RHSA-2025:2600
43
reference_url https://access.redhat.com/errata/RHSA-2025:7050
reference_id RHSA-2025:7050
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T14:12:12Z/
url https://access.redhat.com/errata/RHSA-2025:7050
44
reference_url https://access.redhat.com/errata/RHSA-2025:8385
reference_id RHSA-2025:8385
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-26T14:12:12Z/
url https://access.redhat.com/errata/RHSA-2025:8385
45
reference_url https://usn.ubuntu.com/7206-1/
reference_id USN-7206-1
reference_type
scores
url https://usn.ubuntu.com/7206-1/
46
reference_url https://usn.ubuntu.com/7206-3/
reference_id USN-7206-3
reference_type
scores
url https://usn.ubuntu.com/7206-3/
fixed_packages
0
url pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4
purl pkg:deb/debian/rsync@3.2.7-1%2Bdeb12u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7w3c-s3ph-v7fk
1
vulnerability VCID-eyj3-gsf2-u7c5
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@3.2.7-1%252Bdeb12u4
aliases CVE-2024-12087
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yamy-3z1h-kqaf
Fixing_vulnerabilities
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/rsync@2.3.2-1.2