FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2025-01-29 21:10:00 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
163edccf-d2ba-11ef-b10e-589cfc10a551	rsync -- Multiple security fixes rsync reports: This update includes multiple security fixes: CVE-2024-12084: Heap Buffer Overflow in Checksum Parsing CVE-2024-12085: Info Leak via uninitialized Stack contents defeats ASLR CVE-2024-12086: Server leaks arbitrary client files CVE-2024-12087: Server can make client write files outside of destination directory using symbolic links CVE-2024-12088: --safe-links Bypass CVE-2024-12747: symlink race condition Discovery 2025-01-14 Entry 2025-01-14 rsync < 3.4.0 CVE-2024-12084 CVE-2024-12085 CVE-2024-12086 CVE-2024-12087 CVE-2024-12088 CVE-2024-12747

VuXML ID

Description

163edccf-d2ba-11ef-b10e-589cfc10a551

rsync -- Multiple security fixes

rsync reports:

This update includes multiple security fixes:

CVE-2024-12084: Heap Buffer Overflow in Checksum Parsing

CVE-2024-12085: Info Leak via uninitialized Stack contents defeats ASLR

CVE-2024-12086: Server leaks arbitrary client files

CVE-2024-12087: Server can make client write files outside of destination directory using symbolic links

CVE-2024-12088: --safe-links Bypass

CVE-2024-12747: symlink race condition

Discovery 2025-01-14
Entry 2025-01-14
rsync

< 3.4.0

CVE-2024-12084
CVE-2024-12085
CVE-2024-12086
CVE-2024-12087
CVE-2024-12088
CVE-2024-12747