VulnerableCode Package Details - pkg:alpm/archlinux/rsync@3.2.3-2

Search for packages

Package details: pkg:alpm/archlinux/rsync@3.2.3-2

Essentials
History (3)

purl	pkg:alpm/archlinux/rsync@3.2.3-2

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-p1pk-9k4k-aaap	A flaw was found in rsync in versions since 3.2.0pre1. Rsync improperly validates certificate with host mismatch vulnerability. A remote, unauthenticated attacker could exploit the flaw by performing a man-in-the-middle attack using a valid certificate for another hostname which could compromise confidentiality and integrity of data transmitted using rsync-ssl. The highest threat from this vulnerability is to data confidentiality and integrity. This flaw affects rsync versions before 3.2.4.	CVE-2020-14387

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-03-28T07:45:46.865518+00:00	Arch Linux Importer	Fixing	VCID-p1pk-9k4k-aaap	https://security.archlinux.org/AVG-1374	36.0.0
2024-09-18T02:00:48.088920+00:00	Arch Linux Importer	Fixing	VCID-p1pk-9k4k-aaap	https://security.archlinux.org/AVG-1374	34.0.1
2024-01-03T22:27:05.903991+00:00	Arch Linux Importer	Fixing	VCID-p1pk-9k4k-aaap	https://security.archlinux.org/AVG-1374	34.0.0rc1