0.001 Low
EPSS
Percentile
34.0%
rdiffweb is vulnerable to Denial Of Service (DoS). A malicious user is able to set the Token name with a long string leading to memory corruption, resulting in an application crash.
Token name
github.com/advisories/GHSA-3fhq-72hw-jqwv
github.com/ikus060/rdiffweb/commit/b62c479ff6979563c7c23e7182942bc4f460a2c7
huntr.dev/bounties/4e8f6136-50c7-4fa1-ac98-699bcb7b35ce
huntr.dev/bounties/4e8f6136-50c7-4fa1-ac98-699bcb7b35ce/