2445 matches found
Important: Red Hat Security Advisory: rsync security update
An update for rsync is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability...
rsync: Rsync: Use-after-free vulnerability in extended attribute handling
A flaw was found in rsync. When rsync is configured to handle extended attributes using the -X or --xattrs option, a remote attacker can exploit a use-after-free vulnerability. This occurs because the receivexattr function incorrectly processes an untrusted length value during a sorting operation...
Important: Red Hat Security Advisory: rsync security update
An update for rsync is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring Syste...
RHEL 8 : rsync (RHSA-2026:25170)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:25170 advisory. The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because rsync only...
RHEL 8 : rsync (RHSA-2026:25149)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:25149 advisory. The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because rsync only...
RHEL 8 : rsync (RHSA-2026:25190)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:25190 advisory. The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because rsync only...
RHEL 7 : rsync (RHSA-2026:25172)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:25172 advisory. The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because rsync only...
RHEL 6 : rsync (RHSA-2026:25173)
The remote Redhat Enterprise Linux 6 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:25173 advisory. The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because rsync only...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.19.33 bug fix and security update
Red Hat OpenShift Container Platform release 4.19.33 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.19. Red Hat Product Security has rated this update as having a...
Security Bulletin: IBM Cloud Pak for Data System 1.0 is affected by multiple vulnerabilities
Summary IBM Cloud Pak for Data System 1.0 CPDS 1.0 includes multiple third-party components that are affected by various security vulnerabilities. These vulnerabilities include integer overflow issues in GLib leading to heap corruption and denial of service, a write-what-where condition in the...
CVE-2026-49233
Routinator does not properly check the module component of rsync URIs, which are used to create the file system paths for the Routinator cache. This allows for path traversal by having a module name containing .., potentially providing an attacker access to the entire Routinator rsync cache...
USN-8349-2: rsync regression
USN-8349-1 fixed vulnerabilities in rsync. The update introduced multiple regressions in rsync functionality. This update fixes the problem. Original advisory details: Calum Hutton discovered that rsync contained a heap-based out-of-bounds read when handling file transfers. A remote attacker with...
GHSA-33MJ-99MG-8G73 Routinator has cache path traversal when processing the module component of rsync URIs
Routinator does not properly check the module component of rsync URIs, which are used to create the file system paths for the Routinator cache. This allows for path traversal by having a module name containing .., potentially providing an attacker access to the entire Routinator rsync cache...
Routinator has cache path traversal when processing the module component of rsync URIs
Routinator does not properly check the module component of rsync URIs, which are used to create the file system paths for the Routinator cache. This allows for path traversal by having a module name containing .., potentially providing an attacker access to the entire Routinator rsync cache...
CVE-2026-49233
Routinator does not properly check the module component of rsync URIs, which are used to create the file system paths for the Routinator cache. This allows for path traversal by having a module name containing .., potentially providing an attacker access to the entire Routinator rsync cache...
CVE-2026-49233 Routinator cache path traversal using rogue rsync URIs
Routinator does not properly check the module component of rsync URIs, which are used to create the file system paths for the Routinator cache. This allows for path traversal by having a module name containing .., potentially providing an attacker access to the entire Routinator rsync cache...
CVE-2026-49233
CVE-2026-49233 affects Routinator. The issue is improper validation of the module component in rsync URIs used to construct cache filesystem paths, enabling path traversal through a module name containing ‘..’. This could grant an attacker access to the entire Routinator rsync cache. The connecte...
CVE-2026-49233 Routinator cache path traversal using rogue rsync URIs
Routinator does not properly check the module component of rsync URIs, which are used to create the file system paths for the Routinator cache. This allows for path traversal by having a module name containing .., potentially providing an attacker access to the entire Routinator rsync cache...
CVE-2026-49233
Routinator does not properly check the module component of rsync URIs, which are used to create the file system paths for the Routinator cache. This allows for path traversal by having a module name containing .., potentially providing an attacker access to the entire Routinator rsync cache...
PT-2026-47302
Name of the Vulnerable Software and Affected Versions Routinator affected versions not specified Description Routinator fails to properly validate the module component of rsync URIs used to generate file system paths for its cache. This lack of validation enables path traversal if a module name...