Search for packages
Package details: pkg:alpm/archlinux/rsync@3.2.3-1
purl pkg:alpm/archlinux/rsync@3.2.3-1
Next non-vulnerable version 3.2.3-2
Latest non-vulnerable version 3.4.0-1
Risk 4.1
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-p1pk-9k4k-aaap
Aliases:
CVE-2020-14387
A flaw was found in rsync in versions since 3.2.0pre1. Rsync improperly validates certificate with host mismatch vulnerability. A remote, unauthenticated attacker could exploit the flaw by performing a man-in-the-middle attack using a valid certificate for another hostname which could compromise confidentiality and integrity of data transmitted using rsync-ssl. The highest threat from this vulnerability is to data confidentiality and integrity. This flaw affects rsync versions before 3.2.4.
3.2.3-2
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2025-03-28T07:45:46.860484+00:00 Arch Linux Importer Affected by VCID-p1pk-9k4k-aaap https://security.archlinux.org/AVG-1374 36.0.0
2024-09-18T02:00:48.084783+00:00 Arch Linux Importer Affected by VCID-p1pk-9k4k-aaap https://security.archlinux.org/AVG-1374 34.0.1
2024-01-03T22:27:05.899242+00:00 Arch Linux Importer Affected by VCID-p1pk-9k4k-aaap https://security.archlinux.org/AVG-1374 34.0.0rc1