PyPI package
borgbackup
pkg:pypi/borgbackup
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-36811 | — | < 1.2.5 | 1.2.5 | Aug 30, 2023 | borgbackup is an opensource, deduplicating archiver with compression and authenticated encryption. A flaw in the cryptographic authentication scheme in borgbackup allowed an attacker to fake archives and potentially indirectly cause backup data loss in the repository. The attack | ||
| CVE-2017-15914 | — | >= 1.1.0b1, < 1.1.3 | 1.1.3 | Feb 8, 2018 | Incorrect implementation of access controls allows remote users to override repository restrictions in Borg servers 1.1.x before 1.1.3. |
- CVE-2023-36811Aug 30, 2023affected < 1.2.5fixed 1.2.5
borgbackup is an opensource, deduplicating archiver with compression and authenticated encryption. A flaw in the cryptographic authentication scheme in borgbackup allowed an attacker to fake archives and potentially indirectly cause backup data loss in the repository. The attack
- CVE-2017-15914Feb 8, 2018affected >= 1.1.0b1, < 1.1.3fixed 1.1.3
Incorrect implementation of access controls allows remote users to override repository restrictions in Borg servers 1.1.x before 1.1.3.