NLnet Labs Routinator 路径遍历漏洞

NLnet Labs Routinator is an open-source RPKI routing origin validation service developed by NLnet Labs. NLnet Labs Routinator has a path traversal vulnerability, which stems from the improper checking of module components in the rsync URI. This vulnerability may allow for path traversal, enabling...

rsync: Path traversal vulnerability in rsync

A path traversal vulnerability exists in rsync. It stems from behavior enabled by the --inc-recursive option, a default-enabled option for many client options and can be enabled by the server even if not explicitly enabled by the client. When using the --inc-recursive option, a lack of proper...

rsync: Path traversal vulnerability in rsync

A path traversal vulnerability exists in rsync. It stems from behavior enabled by the --inc-recursive option, a default-enabled option for many client options and can be enabled by the server even if not explicitly enabled by the client. When using the --inc-recursive option, a lack of proper...

Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-20230302.103032)

The version of AHV installed on the remote host is prior to 20230302.102005. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-20230302.103032 advisory. - In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing elements from...

Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-20230302.101060)

The version of AHV installed on the remote host is prior to 20230302.102005. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-20230302.101060 advisory. - In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing elements from...

Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-10.0.1.1)

The version of AHV installed on the remote host is prior to AHV-10.0.1.1. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-10.0.1.1 advisory. - libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a use-after-free in xmlSchemaIDCFillNodeTables and...

EulerOS 2.0 SP13 : rsync (EulerOS-SA-2025-1624)

According to the versions of the rsync package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in rsync. When using the --safe-links option, rsync fails to properly verify if a symbolic link destination contains another symbol...

EulerOS 2.0 SP13 : rsync (EulerOS-SA-2025-1641)

According to the versions of the rsync package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in rsync. When using the --safe-links option, rsync fails to properly verify if a symbolic link destination contains another symbol...

AlmaLinux 8 : rsync (ALSA-2025:2600)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:2600 advisory. rsync: Path traversal vulnerability in rsync CVE-2024-12087 rsync: --safe-links option bypass leads to path traversal CVE-2024-12088 rsync: Race Condition...

EulerOS 2.0 SP11 : rsync (EulerOS-SA-2025-1378)

According to the versions of the rsync package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in rsync. When using the --safe-links option, the rsync client fails to properly verify if a symbolic link destination sent from th...

CVE-2024-12088

A flaw was found in rsync. When using the --safe-links option, the rsync client fails to properly verify if a symbolic link destination sent from the server contains another symbolic link within it. This results in a path traversal vulnerability, which may lead to arbitrary file write outside the...

PT-2024-10126

The rsync software is affected by a path traversal issue, which arises from the behavior enabled by the --inc-recursive option. This option is default-enabled for many client options and can be enabled by the server even if not explicitly enabled by the client. When using the --inc-recursive...