Vendor
Duplicity Project
Products
1
CVEs
2
Across products
2
Status
Private
Products
1- Duplicity2 CVEspypi
Recent CVEs
2| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2014-3495 | 0.00 | — | 0.01 | Dec 13, 2019 | duplicity 0.6.24 has improper verification of SSL certificates | |||
| CVE-2007-5201 | 0.00 | — | 0.00 | Oct 4, 2007 | The FTP backend for Duplicity before 0.4.9 sends the password as a command line argument when calling ncftp, which might allow local users to read the password by listing the process and its arguments. |
- CVE-2014-3495Dec 13, 2019risk 0.00cvss —epss 0.01
duplicity 0.6.24 has improper verification of SSL certificates
- CVE-2007-5201Oct 4, 2007risk 0.00cvss —epss 0.00
The FTP backend for Duplicity before 0.4.9 sends the password as a command line argument when calling ncftp, which might allow local users to read the password by listing the process and its arguments.