Lucene search
GoogleOSV:PYSEC-2017-102HistoryApr 30, 2017 - 3:59 p.m.
PYSEC-2017-102
2017-04-3015:59:00
Google
osv.dev
7
0.004 Low
EPSS
Percentile
72.4%
Radicale before 1.1.2 and 2.x before 2.0.0rc2 is prone to timing oracles and simple brute-force attacks when using the htpasswd authentication method.
References
bugs.debian.org/861514
github.com/Kozea/Radicale/blob/1.1.2/NEWS.rst
github.com/Kozea/Radicale/commit/059ba8dec1f22ccbeab837e288b3833a099cee2d
github.com/Kozea/Radicale/commit/190b1dd795f0c552a4992445a231da760211183b
lists.debian.org/debian-lts-announce/2020/04/msg00019.html
nvd.nist.gov/vuln/detail/CVE-2017-8342
pypi.org/project/radicale
Related
fedora
fedora
[SECURITY] Fedora 26 Update: radicale-1.1.2-1.fc26
2017-05-12 14:14:58
[SECURITY] Fedora 24 Update: radicale-1.1.2-1.fc24
2017-05-15 04:29:03
[SECURITY] Fedora 25 Update: radicale-1.1.2-1.fc25
2017-05-15 04:44:19
ubuntucve
ubuntucve
CVE-2017-8342
2017-04-30 00:00:00
prion
prion
Authentication flaw
2017-04-30 15:59:00
openvas
openvas
Mageia: Security Advisory (MGASA-2017-0140)
2022-01-28 00:00:00
Debian: Security Advisory (DLA-934-1)
2018-01-24 00:00:00
Fedora Update for radicale FEDORA-2017-2ab5baea0a
2017-05-15 00:00:00
debian
debian
[SECURITY] [DLA 934-1] radicale security update
2017-05-09 19:59:18
[SECURITY] [DLA 2187-1] radicale security update
2020-04-25 21:13:05
nessus
nessus
Fedora 26 : radicale (2017-863f86e7a9)
2017-07-17 00:00:00
Fedora 25 : radicale (2017-2ab5baea0a)
2017-05-16 00:00:00
Fedora 24 : radicale (2017-cdc7caed36)
2017-05-16 00:00:00
debiancve
debiancve
CVE-2017-8342
2017-04-30 15:59:00
osv
osv
radicale - security update
2020-04-25 00:00:00
CVE-2017-8342
2017-04-30 15:59:00
radicale - security update
2017-05-09 00:00:00
cve
cve
CVE-2017-8342
2017-04-30 15:59:00
mageia
mageia
Updated radicale package fixes security vulnerability
2017-05-19 11:57:57
veracode
veracode
Timing Attack
2017-05-02 05:24:40
nvd
nvd
CVE-2017-8342
2017-04-30 15:59:00
cvelist
cvelist
CVE-2017-8342
2017-04-30 15:00:00
github
github
Radicale is vulnerable to timing oracles and simple bruteforce attacks
2022-05-13 01:27:10