vulnerability
Alpine Linux: CVE-2025-10158: Improper Validation of Array Index
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:L/Au:S/C:N/I:P/A:N) | Nov 18, 2025 | Nov 20, 2025 | Dec 22, 2025 |
Severity
4
CVSS
(AV:N/AC:L/Au:S/C:N/I:P/A:N)
Published
Nov 18, 2025
Added
Nov 20, 2025
Modified
Dec 22, 2025
Description
A malicious client acting as the receiver of an rsync file transfer can trigger an out of bounds read of a heap based buffer, via a negative array index. The
malicious
rsync client requires at least read access to the remote rsync module in order to trigger the issue.
malicious
rsync client requires at least read access to the remote rsync module in order to trigger the issue.
Solution
alpine-linux-upgrade-rsync
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.