VYPR

PyPI package

rdiffweb

pkg:pypi/rdiffweb

Vulnerabilities (43)

  • CVE-2025-67796 (High, May 4, 2026)
    affected < 2.10.6; fixed 2.10.6

    IKUS Rdiffweb before 2.10.5 has an improper authorization flaw that allows an attacker with any valid or stolen access token to act as other users. The API does not enforce binding between the authenticated subject and the targeted user/tenant, so crafted requests can read or mod

  • CVE-2023-5289 (Sep 29, 2023)
    affected < 2.8.4; fixed 2.8.4

    Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.8.4.

  • CVE-2023-4138 (Aug 3, 2023)
    affected < 2.8.1; fixed 2.8.1

    Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.8.0.

  • CVE-2022-4724 (Dec 23, 2022)
    affected < 2.5.5; fixed 2.5.5

    Improper Access Control in GitHub repository ikus060/rdiffweb prior to 2.5.5.

  • CVE-2022-4723 (Dec 23, 2022)
    affected < 2.5.5; fixed 2.5.5

    Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.5.

  • CVE-2022-4722 (Dec 23, 2022)
    affected < 2.5.5; fixed 2.5.5

    Authentication Bypass by Primary Weakness in GitHub repository ikus060/rdiffweb prior to 2.5.5.

  • CVE-2022-4721 (Dec 23, 2022)
    affected < 2.5.5; fixed 2.5.5

    Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) in GitHub repository ikus060/rdiffweb prior to 2.5.5.

  • CVE-2022-4720 (Dec 23, 2022)
    affected < 2.5.5; fixed 2.5.5

    Open Redirect in GitHub repository ikus060/rdiffweb prior to 2.5.5.

  • CVE-2022-4719 (Dec 23, 2022)
    affected < 2.5.5; fixed 2.5.5

    Business Logic Errors in GitHub repository ikus060/rdiffweb prior to 2.5.5.

  • CVE-2022-4646 (Dec 22, 2022)
    affected < 2.5.4; fixed 2.5.4

    Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.5.4.

  • CVE-2022-4644 (Dec 22, 2022)
    affected < 2.5.4; fixed 2.5.4

    Open Redirect in GitHub repository ikus060/rdiffweb prior to 2.5.4.

  • CVE-2022-4314 (Dec 6, 2022)
    affected < 2.5.2; fixed 2.5.2

    Improper Privilege Management in GitHub repository ikus060/rdiffweb prior to 2.5.2.

  • CVE-2022-4018 (Nov 16, 2022)
    affected < 2.5.0a6; fixed 2.5.0a6

    Missing Authentication for Critical Function in GitHub repository ikus060/rdiffweb prior to 2.5.0a6.

  • CVE-2022-3362 (Nov 14, 2022)
    affected < 2.5.0; fixed 2.5.0

    Insufficient Session Expiration in GitHub repository ikus060/rdiffweb prior to 2.5.0.

  • CVE-2022-3363 (Oct 26, 2022)
    affected < 2.5.0a7; fixed 2.5.0a7

    Business Logic Errors in GitHub repository ikus060/rdiffweb prior to 2.5.0a7.

  • CVE-2022-3327 (Oct 19, 2022)
    affected < 2.5.0; fixed 2.5.0

    Missing Authentication for Critical Function in GitHub repository ikus060/rdiffweb prior to 2.5.0a6.

  • CVE-2022-3439 (Oct 14, 2022)
    affected < 2.5.0; fixed 2.5.0

    Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.0.

  • CVE-2022-3457 (Oct 13, 2022)
    affected < 2.5.0a5; fixed 2.5.0a5

    Origin Validation Error in GitHub repository ikus060/rdiffweb prior to 2.5.0a5.

  • CVE-2022-3456 (Oct 13, 2022)
    affected < 2.5.0; fixed 2.5.0

    Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.0.

  • CVE-2022-3438 (Oct 10, 2022)
    affected < 2.5.0a4; fixed 2.5.0a4

    Open Redirect in GitHub repository ikus060/rdiffweb prior to 2.5.0a4.

Page 1 of 3