Rsync contains six vulnerabilities

🗓️ 14 Jan 2025 00:00:00Reported by CERTType

cert

cert🔗 www.kb.cert.org👁 11 Views

Rsync versions 3.3.0 and below have six critical vulnerabilities impacting file synchronization.

Reporter	Title	Published	Views	Family All 591
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in IBM API Connect	15 Mar 202500:18	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Observability with Instana (OnPrem) is affected by multiple vulnerabilities	31 Jul 202514:21	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a sensitive information exposure in rsync [CVE-2024-12747]	28 Aug 202517:17	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a path traversal vulnerability in rsync [ CVE-2024-12087]	28 Aug 202517:18	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a path traversal vulnerability in rsync [CVE-2024-12088]	28 Aug 202517:13	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Cloud Pak for Multicloud Management	19 Nov 202512:57	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Security Verify Governance has multiple vulnerabilities	26 Feb 202604:30	–	ibm
IBM Security Bulletins	Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities	15 Apr 202502:36	–	ibm
FreeBSD	rsync -- Multiple security fixes	14 Jan 202500:00	–	freebsd
GithubExploit	Exploit for Use of Uninitialized Resource in Samba Rsync	24 Jul 202508:10	–	githubexploit

25 Aug 2025 17:26Current

8High risk

Vulners AI Score8

CVSS 3.17.5 - 9.8

EPSS0.71848

SSVC

rsync vulnerabilities file synchronization heap buffer overflow information leak file leak path traversal.