Linux Distros Unpatched Vulnerability : CVE-2011-1097

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rsync 3.x before 3.0.8, when certain recursion, deletion, and ownership options are used, allows remote rsync servers to cause a denial of service heap memory...

Linux Distros Unpatched Vulnerability : CVE-2007-6200

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Unspecified vulnerability in rsync before 3.0.0pre6, when running a writable rsync daemon, allows remote attackers to bypass exclude, excludefrom, and filter an...

CLSA-2025-1740131776 Fix CVE(s): CVE-2024-12747

SECURITY UPDATE: race condition during rsync's handling of symbolic links - debian/patches/CVE-2024-12747.patch: prevent symlink race preventing a normal file from being replaced by a symlink - CVE-2024-12747 debian/rules, debian/patches/series: use series file to manage patches...

openSUSE Security Advisory (SUSE-SU-2025:0404-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

rsync security update

3.1.2-12.0.1 Back port fix for CVE-2024-12085 Orabug: 37524229...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.12.73 bug fix and security update

Red Hat OpenShift Container Platform release 4.12.73 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a...

CLSA-2025-1739388237 rsync: Fix of CVE-2024-12747

CVE-2024-12747: fix symlink race condition in sender...

CLSA-2025-1739386458 rsync: Fix of CVE-2024-12747

CVE-2024-12747: fix symlink race condition in sender...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : rsync (SUSE-SU-2025:0404-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2025:0404-1 advisory. - Bump rsync protocol version to 32 to show server is patched against recent vulnerabilities. Tenable has...

Astra Linux – Vulnerability in rsync

A flaw was discovered in rsync. When the --safe-links option is used, the rsync client fails to properly verify whether a symbolic link destination sent from the server contains another symbolic link within it. This leads to a path traversal vulnerability, which may result in arbitrary file writi...

Astra Linux – Vulnerability in rsync

A heap-based buffer overflow flaw was discovered in the rsync daemon. This issue arises due to improper handling of the attacker-controlled checksum length s2length in the code. When MAXDIGESTLEN exceeds the fixed SUMLENGTH 16 bytes, an attacker can write data beyond the buffer’s boundaries...

Astra Linux – Vulnerability in rsync

There is a path traversal vulnerability in rsync. This vulnerability stems from a behavior enabled by the --inc-recursive option, which is a default-enabled option for many client options and can be enabled by the server even if not explicitly enabled by the client. When using the --inc-recursive...

SUSE CVE-2025-24366

SFTPGo is an open source, event-driven file transfer solution. SFTPGo supports execution of a defined set of commands via SSH. Besides a set of default commands some optional commands can be activated, one of them being rsync. It is disabled in the default configuration and it is limited to the...

Improper Input Validation

github.com/drakkan/sftpgo is vulnerable to Improper Input Validation. The vulnerability is due to missing sanitization of the client-provided rsync command, allowing an authenticated remote user to read or write files with the permissions of the SFTPGo server process...

Ubuntu: Security Advisory (USN-7206-4)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security update for rsync

This update for rsync fixes the following issues: Bump rsync protocol version to 32 to show server is patched against recent vulnerabilities. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you c...

SUSE-SU-2025:0404-1 Security update for rsync

This update for rsync fixes the following issues: - Bump rsync protocol version to 32 to show server is patched against recent vulnerabilities...

USN-7206-4: rsync regression

USN-7206-3 fixed vulnerabilities in rsync for Ubuntu 24.10. The update introduced a regression in rsync. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Simon Scannell, Pedro Gallegos, and Jasiel Spelman discovered that rsync did not properly handle...

USN-7206-4 rsync regression

USN-7206-3 fixed vulnerabilities in rsync for Ubuntu 24.10. The update introduced a regression in rsync. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Simon Scannell, Pedro Gallegos, and Jasiel Spelman discovered that rsync did not properly handle...

PT-2025-19694 · Opensuse +1 · Rsync

Name of the Vulnerable Software and Affected Versions: rsync affected versions not specified Description: This issue involves rsync. An update bumps the rsync protocol version to 32 to indicate the server has been patched against recent issues. Recommendations: At the moment, there is no...