544 matches found
PT-2022-21794 · Rdiffweb · Rdiffweb
Name of the Vulnerable Software and Affected Versions: rdiffweb versions prior to 2.5.0a3. Description: The issue is related to the allocation of resources without limits or throttling, allowing users to insert an email longer than 255 characters. If a user signs up with an excessively long email...
CVE-2022-3326 Weak Password Requirements in ikus060/rdiffweb
Weak Password Requirements in GitHub repository ikus060/rdiffweb prior to 2.4.9...
CVE-2022-3326
Summary: CVE-2022-3326 affects the rdiffweb project (ikus060/rdiffweb) prior to version 2.4.9. The root cause is weak password requirements due to insufficient validation of password entropy, which allows bypassing the intended password complexity policy that requires 8–128 characters. The result...
CVE-2022-3292
Use of Cache Containing Sensitive Information in GitHub repository ikus060/rdiffweb prior to 2.4.8...
PYSEC-2022-296
Use of Cache Containing Sensitive Information in GitHub repository ikus060/rdiffweb prior to 2.4.8...
CVE-2022-3292 Use of Cache Containing Sensitive Information in ikus060/rdiffweb
Use of Cache Containing Sensitive Information in GitHub repository ikus060/rdiffweb prior to 2.4.8...
Rdiffweb Email Denial of Service Vulnerability
Rdiffweb is a web application by Patrik Dufresne, an individual developer in the USA. It provides quick access to your archives through an efficient web interface. A denial of service vulnerability exists in Rdiffweb versions prior to 2.4.8, which stems from not validating email length in...
Rdiffweb Root Directory Name Denial of Service Vulnerability
Rdiffweb is a web application by Patrik Dufresne, an individual developer in the USA. It provides quick access to your archives through an efficient web interface. A denial of service vulnerability exists in Rdiffweb versions prior to 2.4.8, which stems from a lack of length validation of the root...
Rdiffweb Authorization Issues Vulnerability
Rdiffweb is a web application by Patrik Dufresne, an individual developer in the USA. It provides quick access to your archives through an efficient web interface. An authorization issue vulnerability exists in Rdiffweb versions prior to 2.4.7, which can be exploited by an attacker to steal cookies...
Rdiffweb Title Denial of Service Vulnerability
Rdiffweb is a web application by Patrik Dufresne, an individual developer in the USA. It provides quick access to your archives through an efficient web interface. A denial of service vulnerability exists in Rdiffweb versions prior to 2.4.8, which stems from the "title" parameter when adding an SSH...
Rdiffweb Security Vulnerability
Rdiffweb is a web application by Patrik Dufresne, an individual developer in the USA. It provides quick access to your archives through an efficient web interface. A weak password vulnerability exists in Rdiffweb versions prior to 2.4.9, which can be exploited by attackers to obtain sensitive...
Rdiffweb Virtual Tampering Vulnerability
Rdiffweb is a web application by Patrik Dufresne, an individual developer in the USA. It provides quick access to your archives through an efficient web interface. A virtual tampering vulnerability exists in Rdiffweb versions prior to 2.4.8, which can be exploited by an attacker to inject malicious...
PT-2022-21580 · Rdiffweb · Rdiffweb
Name of the Vulnerable Software and Affected Versions: rdiffweb versions prior to 2.4.9. Description: The issue concerns the use of cache containing sensitive information. Due to improper cache control, an attacker can view sensitive information even if they are not logged into an account...
Rdiffweb Username Denial of Service Vulnerability
Rdiffweb is a web application by Patrik Dufresne, an individual developer in the USA. It provides quick access to your archives through an efficient web interface. A denial of service vulnerability exists in Rdiffweb versions prior to 2.4.8, which stems from a lack of length validation of the...
Rdiffweb Security Vulnerability
Rdiffweb is a web application by Patrik Dufresne, an individual developer in the USA. It provides quick access to your archives through an efficient web interface. An information disclosure vulnerability exists in Rdiffweb versions prior to 2.4.8, which stems from the use of a cache containing...
Content Spoofing
rdiffweb is vulnerable to content spoofing. An attacker can convincingly deliver professionally crafted visual defacements to the right recipients and provide misleading information to the victims due to improper processing and rendering of user-supplied inputs...
Denial Of Service (DoS)
rdiffweb is vulnerable to denial of service. The vulnerability exists in pageadmin.py because the length of the root directory name is not limited, which allows an attacker to cause an application crash via a malicious input...
Denial Of Service (DoS)
rdiffweb is vulnerable to denial of service. The vulnerability exists in prefsshkeys.py because the title length is not limited when adding an SSH key, which allows an attacker to cause an application crash via a malicious input...