544 matches found
CVE-2022-3179
Weak Password Requirements in GitHub repository ikus060/rdiffweb prior to 2.4.2...
CVE-2022-3179
Weak Password Requirements in GitHub repository ikus060/rdiffweb prior to 2.4.2...
PYSEC-2022-272
Weak Password Requirements in GitHub repository ikus060/rdiffweb prior to 2.4.2...
Sensitive Information Disclosure
Rdiffweb is vulnerable to Sensitive Information Disclosure. The vulnerability is due to session cookies instantiated without the "Secure" attribute. This flaw allows the transport of user cookies over insecure HTTP...
CVE-2022-3179 Weak Password Requirements in ikus060/rdiffweb
Weak Password Requirements in GitHub repository ikus060/rdiffweb prior to 2.4.2...
CVE-2022-3179 Weak Password Requirements in ikus060/rdiffweb
Weak Password Requirements in GitHub repository ikus060/rdiffweb prior to 2.4.2...
CVE-2022-3179
CVE-2022-3179 concerns weak password requirements in the rdiffweb project (ikus060/rdiffweb) prior to version 2.4.2. The issue is described across multiple sources as the software lacking a proper password policy, which could permit weak or easily guessable passwords and enable brute-force-style ...
CVE-2022-3175
Missing Custom Error Page in GitHub repository ikus060/rdiffweb prior to 2.4.2...
CVE-2022-3174
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository ikus060/rdiffweb prior to 2.4.2...
CVE-2022-3175
Missing Custom Error Page in GitHub repository ikus060/rdiffweb prior to 2.4.2...
PYSEC-2022-273
Missing Custom Error Page in GitHub repository ikus060/rdiffweb prior to 2.4.2...
Session fixation
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository ikus060/rdiffweb prior to 2.4.2...
PYSEC-2022-271
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository ikus060/rdiffweb prior to 2.4.2...
PYSEC-2022-273
Missing Custom Error Page in GitHub repository ikus060/rdiffweb prior to 2.4.2...
CVE-2022-3174
CVE-2022-3174 affects rdiffweb prior to 2.4.2, where cookies are transmitted over HTTPS without the Secure attribute, exposing confidentiality. The issue impacts the GitHub repo ikus060/rdiffweb; CVSS v3.1/3.0 base score 7.5 (HIGH) with network attacker, no user interaction. Affected component: s...
CVE-2022-3175
CVE-2022-3175 affects the rdiffweb project in the GitHub repository ikus060/rdiffweb prior to version 2.4.2. The vulnerability is a missing custom error page which leads to leakage of error information. The issue is resolved in version 2.4.2. Mitigation: upgrade to 2.4.2 or later. Exploitation de...
CVE-2022-3175 Missing Custom Error Page in ikus060/rdiffweb
Missing Custom Error Page in GitHub repository ikus060/rdiffweb prior to 2.4.2...
Rdiffweb Security Vulnerability
Rdiffweb is a web application by Patrik Dufresne, an individual developer in the USA. It provides quick access to your files through an efficient web interface. A security vulnerability exists in Rdiffweb versions prior to 2.4.2, which stems from weak password setting requirements...
Rdiffweb Security Vulnerability
Rdiffweb is a web application by Patrik Dufresne, an individual developer in the USA. It provides quick access to your files through an efficient web interface. A security vulnerability exists in Rdiffweb versions prior to 2.4.2, which stems from the presence of sensitive cookies in HTTPS session...
Rdiffweb Security Vulnerability
Rdiffweb is a web application by Patrik Dufresne, an individual developer in the USA. It provides quick access to your archives through an efficient web interface. A security vulnerability exists in Rdiffweb versions prior to 2.4.2, which stems from a missing custom error page...