EPSS
Percentile
55.9%
rdiffweb is vulnerable to business logic errors. The vulnerability exists because the library does not properly trigger notifications when adding an ssh key which allows an attacker to add any ssh key without aware of the user
github.com/advisories/GHSA-2wpw-cm9w-v4xm
github.com/ikus060/rdiffweb/commit/bc4bed89affcba71251fe54ed10639da9d392c1d
huntr.dev/bounties/9f746881-ad42-446b-9b1d-153391eacc09
huntr.dev/bounties/9f746881-ad42-446b-9b1d-153391eacc09/