Lucene search

CVE-2022-4723

🗓️ 27 Dec 2022 15:11:15Reported by @huntrdevType

CVE-2022-4723 Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.5

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 11
Huntr	No rate limit on "resend email feature" while enable or disable 2FA from /prefs/mfa endpoint	21 Dec 202215:38	–	huntr
Vulnrichment	CVE-2022-4723 Allocation of Resources Without Limits or Throttling in ikus060/rdiffweb	23 Dec 202200:00	–	vulnrichment
OSV	PYSEC-2022-43009	27 Dec 202215:15	–	osv
OSV	GHSA-7Q4R-X5QG-MMCP rdiffweb has no rate limit on resend email feature	27 Dec 202215:30	–	osv
OSV	CVE-2022-4723	27 Dec 202215:15	–	osv
Veracode	Denial Of Service (DoS)	3 Jan 202314:06	–	veracode
RedhatCVE	CVE-2022-4723	23 May 202500:33	–	redhatcve
Github Security Blog	rdiffweb has no rate limit on resend email feature	27 Dec 202215:30	–	github
Prion	Design/Logic Flaw	27 Dec 202215:15	–	prion
Cvelist	CVE-2022-4723 Allocation of Resources Without Limits or Throttling in ikus060/rdiffweb	23 Dec 202200:00	–	cvelist

Nvd

Node

ikus-soft rdiffwebRange<2.5.5

[
  {
    "vendor": "ikus060",
    "product": "ikus060/rdiffweb",
    "versions": [
      {
        "version": "unspecified",
        "lessThan": "2.5.5",
        "status": "affected",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
huntr	www.huntr.dev/bounties/9369681b-8bfc-4146-a54c-c5108442d92c
github	www.github.com/ikus060/rdiffweb/commit/6e9ee210548f6d3210704cac302cfc7cdb239765

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

27 Dec 2022 15:15Current

6.3Medium risk

Vulners AI Score6.3

CVSS36.3 - 6.5

EPSS0.00116

SSVC

CWE-770