PyPI package

rdiffweb

pkg:pypi/rdiffweb

Vulnerabilities (43)

CVE	CVSS	Affected versions	Fixed in	Published	Description
CVE-2022-3389	—	< 2.4.10	2.4.10	Oct 6, 2022	Path Traversal in GitHub repository ikus060/rdiffweb prior to 2.4.10.
CVE-2022-3376	—	< 2.5.0	2.5.0	Oct 6, 2022	Weak Password Requirements in GitHub repository ikus060/rdiffweb prior to 2.5.0a4.
CVE-2022-3273	—	< 2.5.0	2.5.0	Oct 6, 2022	Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.0a4.
CVE-2022-3371	—	< 2.5.0a3	2.5.0a3	Sep 30, 2022	Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.0a3.
CVE-2022-3364	—	< 2.5.0a3	2.5.0a3	Sep 29, 2022	Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.0a3.
CVE-2022-3326	—	< 2.4.9	2.4.9	Sep 28, 2022	Weak Password Requirements in GitHub repository ikus060/rdiffweb prior to 2.4.9.
CVE-2022-3292	—	< 2.4.9	2.4.9	Sep 28, 2022	Use of Cache Containing Sensitive Information in GitHub repository ikus060/rdiffweb prior to 2.4.8.
CVE-2022-3298	—	< 2.4.8	2.4.8	Sep 26, 2022	Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.4.8.
CVE-2022-3290	—	< 2.4.8	2.4.8	Sep 26, 2022	Improper Handling of Length Parameter Inconsistency in GitHub repository ikus060/rdiffweb prior to 2.4.8.
CVE-2022-3272	—	< 2.4.8	2.4.8	Sep 26, 2022	Improper Handling of Length Parameter Inconsistency in GitHub repository ikus060/rdiffweb prior to 2.4.8.
CVE-2022-3295	—	< 2.4.8	2.4.8	Sep 26, 2022	Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.4.8.
CVE-2022-3301	—	< 2.4.8	2.4.8	Sep 26, 2022	Improper Cleanup on Thrown Exception in GitHub repository ikus060/rdiffweb prior to 2.4.8.
CVE-2022-3269	—	< 2.4.7	2.4.7	Sep 23, 2022	Session Fixation in GitHub repository ikus060/rdiffweb prior to 2.4.7.
CVE-2022-3274	—	< 2.4.7	2.4.7	Sep 22, 2022	Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.4.7.
CVE-2022-3267	—	< 2.4.6	2.4.6	Sep 22, 2022	Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.4.6.
CVE-2022-3233	—	< 2.4.6	2.4.6	Sep 21, 2022	Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.4.6.
CVE-2022-3250	—	< 2.4.6	2.4.6	Sep 21, 2022	Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository ikus060/rdiffweb prior to 2.4.6.
CVE-2022-3232	—	< 2.4.5	2.4.5	Sep 17, 2022	Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.4.5.
CVE-2022-3221	—	< 2.4.3	2.4.3	Sep 15, 2022	Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.4.3.
CVE-2022-3179	—	>= 2.4.1, < 2.4.2	2.4.2	Sep 13, 2022	Weak Password Requirements in GitHub repository ikus060/rdiffweb prior to 2.4.2.

CVE-2022-3389Oct 6, 2022
affected < 2.4.10fixed 2.4.10
Path Traversal in GitHub repository ikus060/rdiffweb prior to 2.4.10.
CVE-2022-3376Oct 6, 2022
affected < 2.5.0fixed 2.5.0
Weak Password Requirements in GitHub repository ikus060/rdiffweb prior to 2.5.0a4.
CVE-2022-3273Oct 6, 2022
affected < 2.5.0fixed 2.5.0
Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.0a4.
CVE-2022-3371Sep 30, 2022
affected < 2.5.0a3fixed 2.5.0a3
Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.0a3.
CVE-2022-3364Sep 29, 2022
affected < 2.5.0a3fixed 2.5.0a3
Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.0a3.
CVE-2022-3326Sep 28, 2022
affected < 2.4.9fixed 2.4.9
Weak Password Requirements in GitHub repository ikus060/rdiffweb prior to 2.4.9.
CVE-2022-3292Sep 28, 2022
affected < 2.4.9fixed 2.4.9
Use of Cache Containing Sensitive Information in GitHub repository ikus060/rdiffweb prior to 2.4.8.
CVE-2022-3298Sep 26, 2022
affected < 2.4.8fixed 2.4.8
Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.4.8.
CVE-2022-3290Sep 26, 2022
affected < 2.4.8fixed 2.4.8
Improper Handling of Length Parameter Inconsistency in GitHub repository ikus060/rdiffweb prior to 2.4.8.
CVE-2022-3272Sep 26, 2022
affected < 2.4.8fixed 2.4.8
Improper Handling of Length Parameter Inconsistency in GitHub repository ikus060/rdiffweb prior to 2.4.8.
CVE-2022-3295Sep 26, 2022
affected < 2.4.8fixed 2.4.8
Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.4.8.
CVE-2022-3301Sep 26, 2022
affected < 2.4.8fixed 2.4.8
Improper Cleanup on Thrown Exception in GitHub repository ikus060/rdiffweb prior to 2.4.8.
CVE-2022-3269Sep 23, 2022
affected < 2.4.7fixed 2.4.7
Session Fixation in GitHub repository ikus060/rdiffweb prior to 2.4.7.
CVE-2022-3274Sep 22, 2022
affected < 2.4.7fixed 2.4.7
Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.4.7.
CVE-2022-3267Sep 22, 2022
affected < 2.4.6fixed 2.4.6
Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.4.6.
CVE-2022-3233Sep 21, 2022
affected < 2.4.6fixed 2.4.6
Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.4.6.
CVE-2022-3250Sep 21, 2022
affected < 2.4.6fixed 2.4.6
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository ikus060/rdiffweb prior to 2.4.6.
CVE-2022-3232Sep 17, 2022
affected < 2.4.5fixed 2.4.5
Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.4.5.
CVE-2022-3221Sep 15, 2022
affected < 2.4.3fixed 2.4.3
Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.4.3.
CVE-2022-3179Sep 13, 2022
affected >= 2.4.1, < 2.4.2fixed 2.4.2
Weak Password Requirements in GitHub repository ikus060/rdiffweb prior to 2.4.2.

Page 2 of 3