CVE-2024-12088

A flaw was found in rsync. When using the --safe-links option, the rsync client fails to properly verify if a symbolic link destination sent from the server contains another symbolic link within it. This results in a path traversal vulnerability, which may lead to arbitrary file write outside the desired directory.

Published: Jan 14, 2025
Updated: Jun 19, 2025
CVE: CVE-2024-12088
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CWEs:

CWE-22

OWASP TOP 10:

A5 - Broken Access Control

Affected Software
References

Software	From	Fixed in
samba / rsync	-	3.3.0.x
redhat / enterprise_linux	7.0	7.0.x
redhat / enterprise_linux	6.0	6.0.x
redhat / enterprise_linux	8.0	8.0.x
redhat / openshift_container_platform	4.0	4.0.x
redhat / enterprise_linux	9.0	9.0.x
redhat / enterprise_linux_for_arm_64	9.0_aarch64	9.0_aarch64.x
redhat / enterprise_linux	10.0	10.0.x
redhat / enterprise_linux_for_arm_64	8.0_aarch64	8.0_aarch64.x
redhat / enterprise_linux_for_ibm_z_systems	8.0_s390x	8.0_s390x.x
redhat / enterprise_linux_for_power_little_endian	8.0_ppc64le	8.0_ppc64le.x
redhat / enterprise_linux_for_ibm_z_systems	9.0_s390x	9.0_s390x.x
redhat / enterprise_linux_for_power_little_endian	9.0_ppc64le	9.0_ppc64le.x
redhat / enterprise_linux_for_arm_64_eus	9.6_aarch64	9.6_aarch64.x
redhat / enterprise_linux_for_ibm_z_systems_eus	9.6_s390x	9.6_s390x.x
redhat / enterprise_linux_for_power_little_endian_eus	9.6_ppc64le	9.6_ppc64le.x
redhat / enterprise_linux_server_aus	9.6	9.6.x
redhat / enterprise_linux_eus	9.6	9.6.x
redhat / enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions	9.6_ppc64le	9.6_ppc64le.x
redhat / discovery	1.14	1.14.x
redhat / enterprise_linux_update_services_for_sap_solutions	9.6	9.6.x
nixos / nixos	-	24.11
tritondatacenter / smartos	-	20250123
almalinux / almalinux	9.0	9.0.x
almalinux / almalinux	10.0	10.0.x
almalinux / almalinux	8.0	8.0.x

Vulnerability Database

289,598

CVE-2024-12088