Critical severity10.0NVD Advisory· Published Feb 3, 2016· Updated Jun 17, 2026
CVE-2015-8747
CVE-2015-8747
Description
The multifilesystem storage backend in Radicale before 1.1 allows remote attackers to read or write to arbitrary files via a crafted component name.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
RadicalePyPI | < 1.1 | 1.1 |
Affected products
2Patches
Vulnerability mechanics
References
14- github.com/Kozea/Radicale/pull/343nvdPatchWEB
- github.com/advisories/GHSA-fgqv-96v9-w23mghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2015-8747ghsaADVISORY
- lists.fedoraproject.org/pipermail/package-announce/2016-January/175738.htmlnvdWEB
- lists.fedoraproject.org/pipermail/package-announce/2016-January/175776.htmlnvdWEB
- www.debian.org/security/2016/dsa-3462nvdWEB
- www.openwall.com/lists/oss-security/2016/01/05/7nvdWEB
- www.openwall.com/lists/oss-security/2016/01/06/4nvdWEB
- www.openwall.com/lists/oss-security/2016/01/06/7nvdWEB
- github.com/Kozea/Radicale/commit/18c88642fb19ee1480690e51fff9605ecc6fdab5ghsaWEB
- github.com/Unrud/Radicale/commit/bcaf452e516c02c9bed584a73736431c5e8831f1nvdWEB
- github.com/pypa/advisory-database/tree/main/vulns/radicale/PYSEC-2016-36.yamlghsaWEB
- web.archive.org/web/20200804235922/http://www.securityfocus.com/bid/80255ghsaWEB
- www.securityfocus.com/bid/80255nvd
News mentions
0No linked articles in our index yet.