CVE-2025-10158
Published
CVSS v3
4.3
MEDIUM
CVSS v2
N/A
Affected
1
PROJECT
Description
A malicious client acting as the receiver of an rsync file transfer can trigger an out of bounds read of a heap based buffer, via a negative array index. The malicious rsync client requires at least read access to the remote rsync module in order to trigger the issue.
An open source utility that provides fast incremental file transfer. It also has useful features for backup and restore operations among many other use cases.
GitHub