VYPR
Medium severity5.6NVD Advisory· Published Jan 14, 2025· Updated Apr 15, 2026

CVE-2024-12747

CVE-2024-12747

Description

A flaw was found in rsync. This vulnerability arises from a race condition during rsync's handling of symbolic links. Rsync's default behavior when encountering symbolic links is to skip them. If an attacker replaced a regular file with a symbolic link at the right time, it was possible to bypass the default behavior and traverse symbolic links. Depending on the privileges of the rsync process, an attacker could leak sensitive information, potentially leading to privilege escalation.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

32

Patches

Vulnerability mechanics

References

10

News mentions

0

No linked articles in our index yet.