Lucene search
China National Vulnerability DatabaseCNVD-2022-88261HistorySep 28, 2022 - 12:00 a.m.
Rdiffweb Email Denial of Service Vulnerability
2022-09-2800:00:00
China National Vulnerability Database
www.cnvd.org.cn
6
rdiffweb
denial of service
email
vulnerability
patrik dufresne
0.001 Low
EPSS
Percentile
38.1%
Rdiffweb is a web application by the American personal developer Patrik Dufresne. It allows quick access to your archives through an efficient web interface. a denial of service vulnerability exists in versions prior to Rdiffweb 2.4.8, which stems from not validating email length in rdiffweb-demo.ikus-soft.com/prefs/general. An attacker could exploit the vulnerability to launch a denial of service attack by entering a long string.
| CPE | Name | Operator | Version |
|---|---|---|---|
| patrik dufresne rdiffweb | lt | 2.4.8 |
Related
cve
cve
CVE-2022-3272
2022-09-26 17:16:08
osv
osv
rdiffweb's unlimited length email field can lead to DoS
2022-09-27 00:00:17
PYSEC-2022-291
2022-09-26 17:16:00
CVE-2022-3272
2022-09-26 17:16:08
prion
prion
Input validation
2022-09-26 17:16:00
huntr
huntr
No limit in email length may result in a possible DOS attack
2022-09-22 14:35:30
veracode
veracode
Denial Of Service (DoS)
2022-09-27 02:40:04
nvd
nvd
CVE-2022-3272
2022-09-26 17:16:08
github
github
rdiffweb's unlimited length email field can lead to DoS
2022-09-27 00:00:17
cvelist
cvelist