github.com/ncw/rclone is vulnerable to man-in-the-middle (MitM) attacks. The library does not validate any URLs passed from the Google Cloud Storage API server, allowing a malicious user to pass their own URL during the migration of data between two google cloud storage bucketsrclone sync
command.
CPE | Name | Operator | Version |
---|---|---|---|
github.com/ncw/rclone | le | v1.60.1 | |
github.com/ncw/rclone | le | v1.60.1 |