[FREEBSD:B5E22EC5-BC4B-11EE-B0B5-B42E991FC52E] rclone -- Multiple vulnerabilities

Severity Medium

Affected Packages 1

CVEs 2

Multiple vulnerabilities in ssh and golang

      CVE-2023-45286: HTTP request body disclosure in go-resty
      disclosure across requests.


      CVE-2023-48795: The SSH transport protocol with certain
      OpenSSH extensions, found in OpenSSH before 9.6 and
      other products, allows remote attackers to bypass
      integrity checks.

Package	Affected Version
pkg:freebsd/rclone	< 1.65.1

ID

FREEBSD:B5E22EC5-BC4B-11EE-B0B5-B42E991FC52E

Severity

medium

Severity from

CVE-2023-45286

URL

http://vuxml.freebsd.org/freebsd/b5e22ec5-bc4b-11ee-b0b5-b42e991fc52e.html

Published

2023-11-28T00:00:00
(9 months ago)

Modified

2024-01-26T00:00:00
(7 months ago)

Rights

FreeBSD VuXML Security Team

Other Advisories

Source	# ID	Name	URL
FreeBSD VuXML			https://nvd.nist.gov/vuln/detail/CVE-2023-45286
FreeBSD VuXML			https://nvd.nist.gov/vuln/detail/CVE-2023-48795

Type	Package URL	Namespace	Name / Product	Version	Distribution / Platform	Arch	Patch / Fix
Affected	pkg:freebsd/rclone		rclone	< 1.65.1

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date