10 matches found
Fedora 43 : rsync (2026-a04e445b3f)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-a04e445b3f advisory. New version 3.4.4 with multiple regression fixes. This update also fixes the following CVEs: CVE-2026-29518 CVE-2026-43617 CVE-2026-43618...
Photon OS 4.0: Rsync PHSA-2026-4.0-1038
An update of the rsync package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-4.0-1038. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Photon OS 5.0: Rsync PHSA-2026-5.0-0885
An update of the rsync package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0885. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
RockyLinux 10 : rsync (RLSA-2026:26332)
The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:26332 advisory. rsync: rsync: Remote memory disclosure via integer overflow in compressed-token decoding CVE-2026-43618 rsync: TOCTOU symlink race condition allowing...
Security update for rsync (important)
openSUSE security update: security update for rsync ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20877-1 Rating: important References: bsc1254441 bsc1262223 bsc1264511 bsc1264512 bsc1264513 bsc1264514 bsc1264515 bsc1265296 Cross-References:...
CLSA-2026-1779694727 Fix CVE(s): CVE-2026-29518
SECURITY UPDATE: daemon-no-chroot TOCTOU symlink race - debian/patches/CVE-2026-29518.patch: track per-module chroot in amchrooted and usesecuresymlinks; route the sender's read-path open, the receiver's basis-file open, mkstemp, and inplace write through securerelativeopen / securemkstemp -...
CLSA-2026-1779694460 Fix CVE(s): CVE-2026-29518
SECURITY UPDATE: daemon-no-chroot TOCTOU symlink race - debian/patches/CVE-2026-29518.patch: track per-module chroot in amchrooted and usesecuresymlinks; route the sender's read-path open, the receiver's basis-file open, mkstemp, and inplace write through securerelativeopen / securemkstemp -...
DEBIAN-CVE-2026-29518
Rsync versions before 3.4.3 contain a time-of-check to time-of-use TOCTOU race condition in daemon file handling that allows attackers to redirect file writes outside intended directories by replacing parent directory components with symbolic links. Attackers with write access to a module path ca...
CVE-2026-29518
Rsync versions before 3.4.3 contain a time-of-check to time-of-use TOCTOU race condition in daemon file handling that allows attackers to redirect file writes outside intended directories by replacing parent directory components with symbolic links. Attackers with write access to a module path ca...
CVE-2026-29518
creationtimestamp| type| source ---|---|--- 2026-05-20 04:18:43+00:00| seen| https://vulnerability.circl.lu/bundle/98dfc241-f74a-4ad3-9b5d-a312ab6e6c87 2026-05-20 09:58:23+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mmbnf2tq3f22 2026-05-20 15:11:50+00:00| seen|...