544 matches found
CVE-2022-3290 Improper Handling of Length Parameter Inconsistency in ikus060/rdiffweb
Improper Handling of Length Parameter Inconsistency in GitHub repository ikus060/rdiffweb prior to 2.4.8...
CVE-2022-3290
CVE-2022-3290 affects the rdiffweb project (ikus060/rdiffweb) prior to 2.4.8, where the root cause is improper handling/validation of the length parameter for the username field. This can be exploited to trigger a Denial of Service due to excessive memory use, with the DoS condition explicitly do...
Session Fixation
rdiffweb is vulnerable to session fixation. The vulnerability exists because even after logout, the application continues to use the preauthentication cookies, which allows an attacker to gain unauthorized access to the account of a victim who is using the same browser, as long as a single sessio...
Input validation
Improper Handling of Length Parameter Inconsistency in GitHub repository ikus060/rdiffweb prior to 2.4.8...
PYSEC-2022-291
Improper Handling of Length Parameter Inconsistency in GitHub repository ikus060/rdiffweb prior to 2.4.8...
CVE-2022-3272 Improper Handling of Length Parameter Inconsistency in ikus060/rdiffweb
Improper Handling of Length Parameter Inconsistency in GitHub repository ikus060/rdiffweb prior to 2.4.8...
CVE-2022-3272
CVE-2022-3272 concerns rdiffweb prior to 2.4.8. The root cause is improper handling of a length parameter in email input (no validation beyond long strings), enabling a denial-of-service condition. Affected software is the rdiffweb web application; the vulnerability is evidenced by multiple sourc...
PYSEC-2022-293
Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.4.8...
CVE-2022-3295 Allocation of Resources Without Limits or Throttling in ikus060/rdiffweb
Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.4.8...
CVE-2022-3295
CVE-2022-3295 affects the rdiffweb project (rdiffweb, prior to 2.4.8). The root cause is unlimited length for root directory names, allowing a crafted long string to trigger a denial of service. Impact is a DoS condition with potential memory issues; no data confidentiality or integrity impact is...
PYSEC-2022-295
Improper Cleanup on Thrown Exception in GitHub repository ikus060/rdiffweb prior to 2.4.8...
CVE-2022-3301 Improper Cleanup on Thrown Exception in ikus060/rdiffweb
Improper Cleanup on Thrown Exception in GitHub repository ikus060/rdiffweb prior to 2.4.8...