Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

pypi rdiffweb Security Advisories

Loading...
High
GSA_kwCzR0hTQS1jNHJ2LTJqNngtcHE3eM4AA2JC
Rdiffweb Allocation of Resources Without Limits or Throttling vulnerability
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Blast Radius: 4.2
Published: 10 months ago
Moderate
GSA_kwCzR0hTQS13d3JnLTJ3NWotZ3J2eM4AA1CR
RDiffWeb vulnerable to Allocation of Resources Without Limits or Throttling
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Blast Radius: 2.0
Published: 12 months ago
Moderate
GSA_kwCzR0hTQS0yd3B3LWNtOXctdjR4bc4AAwnq
rdiffweb vulnerable to Business Logic Errors
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Blast Radius: 2.7
Published: over 1 year ago
High
GSA_kwCzR0hTQS13ZjMzLTZ4MzMtd2NmOc4AAwnp
rdiffweb vulnerable to Authentication Bypass by Primary Weakness
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Blast Radius: 3.4
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS04M3BtLTd2NDgtNWpwNM4AAwnu
rdiffweb vulnerable to Special Element Injection
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Blast Radius: 2.6
Published: over 1 year ago
High
GSA_kwCzR0hTQS1oNXdwLWpycWMtY3d3eM4AAwnl
rdiffweb vulnerable to Open Redirect
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Blast Radius: 3.9
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS1tOHI5LXF4eDgtbXJ4cM4AAwnn
rdiffweb Improper Access Control vulnerability
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS03cTRyLXg1cWctbW1jcM4AAwns
rdiffweb has no rate limit on resend email feature
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Blast Radius: 3.1
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS02MzlmLWh4Y3YtODRtY84AAwgc
rdiffweb Open Redirect vulnerability
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Blast Radius: 2.9
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS04NWZwLTUyM3EtNXh3Y84AAwgY
rdiffweb vulnerable to Cross-Site Request Forgery
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Blast Radius: 3.1
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS1nNTk0LTU1bXAtZjZxOM4AAwRe
Improper Privilege Management in rdiffweb
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS00d3BoLTl2cm0tNnYzd84AAv6l
Rdiffweb vulnerable to Missing Authentication for Critical Function
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Blast Radius: 2.1
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS05NHFtLTk5cWMtcXdxas4AAv4Y
rdiffweb vulnerable to Insufficient Session Expiration
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS1qdzM2LW1ydmctajVmeM4AAvjj
Rdiffweb subject to Business Logic Errors
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS05OWo1LWZ2ZzMtNTRwbc4AAvef
Rdiffweb is missing authentication for critical function
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS14OHgyLXdjMmgtd2M0OM4AAvV4
Missing rate limit on rdiffweb
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS04MjR4LWpjeGYtaHBmZ84AAvUI
Origin Validation Error in rdiffweb
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS05MmdmLXAzNzYtNnI5cs4AAvUF
Missing rate limit on rdiffweb
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Moderate
GSA_kwCzR0hTQS04ZzltLXZ2NjktN2o5Oc4AAvN5
rdiffweb vulnerable to Open Redirect
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Blast Radius: 2.9
Published: almost 2 years ago
High
GSA_kwCzR0hTQS05ZzN2LXYyNHEtamo1cM4AAvLV
rdiffweb does not have a rate limit on incorrect password attempts to prevent brute force attacks
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Blast Radius: 3.5
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1ocnJtLTg5NWgteGgzNM4AAvLR
rdiffweb Path Traversal vulnerability
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Blast Radius: 3.6
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS03d3I2LWZqNHgtODkzds4AAvLP
rdiffweb allows a new password to be the same as the previous password
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Blast Radius: 2.5
Published: almost 2 years ago
High
GSA_kwCzR0hTQS0zZmhxLTcyaHctanF3ds4AAvJb
rdiffweb's lack of token name length limit can result in DoS or memory corruption
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Blast Radius: 3.6
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS04d3hmLWM0NXctZzY2Z84AAvIb
rdiffweb vulnerable to password complexity bypass leading to weak passwords
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Blast Radius: 2.6
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1mcWZnLWM1NzctMnZjM84AAvHR
rdiffweb's unlimited length Fullname field can lead to DoS
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Blast Radius: 2.5
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS03ZnFtLWptNTItZjl2Y84AAvGZ
rdiffweb vulnerable to Use of Cache Containing Sensitive Information
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Low
GSA_kwCzR0hTQS1xcTI5LTV2amgtdnh3cs4AAvFY
rdiffweb vulnerable to Improper Cleanup on Thrown Exception
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Blast Radius: 1.1
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1ocmo3LWY2MmYtajd4N84AAvFK
rdiffweb allows unlimited length of root directory name, which could result in DoS
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Blast Radius: 3.6
Published: almost 2 years ago
High
GSA_kwCzR0hTQS01djk1LWo0cnItNmYzY84AAvEt
rdiffweb's unlimited username field length can lead to DoS
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Blast Radius: 3.6
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1xcmozLWhyZ2otZm03cs4AAvD8
rdiffweb's unlimited length email field can lead to DoS
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Blast Radius: 3.6
Published: almost 2 years ago
High
GSA_kwCzR0hTQS14aHc5LTR3cXEteDY3ds4AAvD_
rdiffweb vulnerable to potential DoS via memory consumption
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Blast Radius: 3.6
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS1qM3E0LWdtajQtbWo5Nc4AAvB7
rdiffweb vulnerable to account access via session fixation
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Blast Radius: 4.7
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1nbWo4LTg0cjQtaDQ2as4AAu_k
rdiffweb Cross-Site Request Forgery vulnerability can lead to user email ID being changed
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Blast Radius: 3.3
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS03NGo2LTNoaDQtdzNmNc4AAu_i
rdiffweb Cross-Site Request Forgery vulnerability
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Blast Radius: 2.1
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1tNzQ4LWhqcWctcnBwOM4AAu-1
rdiffweb has insecure HTTP cookies
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Blast Radius: 2.5
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS05dnhmLW1jbTYtNW00Ms4AAu-C
rdiffweb CSRF could lead to disabling notifications in user profile
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Blast Radius: 2.1
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1jdzJ2LXd2NGctdzRwNs4AAu6H
rdiffweb CSRF vulnerability in admin area can lead to deletion of repositories and users
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Blast Radius: 2.1
Published: almost 2 years ago
High
GSA_kwCzR0hTQS12cTRoLXhyd2MtbTYzOc4AAu0X
rdiffweb CSRF vulnerability in profile's SSH keys can lead to unauthorized access
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Blast Radius: 4.2
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1tanc0LXh2eDYtM2dyZ84AAuyq
rdiffweb 2.4.1 vulnerable to Sensitive Cookie in HTTPS Session Without 'Secure' Attribute
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Blast Radius: 3.6
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS1jaDRjLTI3OHEtNTY1NM4AAuyc
rdiffweb 2.4.1 Missing Custom Error Page
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Blast Radius: 2.5
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1tcDVwLWcyanYtcjhxd84AAuwS
rdiffweb 2.4.1 contains Weak Password Requirements
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Blast Radius: 4.2
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1tMzc5LXg0eGMtMzh4Oc4AAurl
rdiffweb vulnerable to Improper Restriction of Rendered UI Layers or Frames
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Blast Radius: 4.2
Published: almost 2 years ago
Statistics
Advisories: 19,486
Packages: 8,600
Repositories: 1
Ecosystems: 12
Filter by Package
tensorflow 432 tensorflow-cpu 387 tensorflow-gpu 384 apache-airflow 80 django 80 ansible 63 salt 55 Plone 52 apache-superset 50 nova 47 mlflow 46 plone 43 rdiffweb 42 Pillow 41 vyper 38 Django 36 matrix-synapse 35 moin 35 keystone 31 opencv-python 30 opencv-contrib-python 30 glance 20 langchain 19 gradio 18 cobbler 17 mercurial 17 PaddlePaddle 17 neutron 16 pillow 16 paddlepaddle 15 notebook 15 cryptography 15 pyload-ng 14 modoboa 14 pyftpdlib 14 ethyca-fides 13 OctoPrint 13 vantage6 13 urllib3 12 wagtail 12 swift 12 calibreweb 11 twisted 11 zenml 11 aiohttp 11 onionshare-cli 11 horizon 11 trytond 10 Flask-AppBuilder 10 nautobot 10 zope 9 opencv-contrib-python-headless 9 opencv-python-headless 9 ryu 9 roundup 9 Zope 9 kiwitcms 9 cinder 9 waitress 9 aubio 8 trac 8 numpy 8 label-studio 8 python-keystoneclient 8 jupyter-server 7 lollms 7 sentry 7 lief 7 ipython 7 matrix-sydent 7 scrapy 7 pip 7 pysaml2 7 pgadmin4 7 litellm 7 yt-dlp 6 tornado 6 Zope2 6 Moin 6 graphite-web 6 apache-airflow-providers-apache-hive 6 mailman 6 requests 6 web2py 6 tuf 6 mindsdb 6 lxml 6 inventree 6 nltk 5 Products.CMFPlone 5 Jinja2 5 python-gnupg 5 feedparser 5 whoogle-search 5 omero-web 5 saleor 5 lmdb 5 oauthenticator 5 paramiko 5 pyspark 5 ckan 5 bleach 5 PyPDF2 4 jupyterhub 4 buildbot 4 Scrapy 4 datasette 4 esphome 4 transformers 4 tripleo-heat-templates 4 ansible-core 4 reportlab 4 FreeTAKServer-UI 4 grpcio 4 grpc 4 GitPython 4 nvflare 4 Flask-Security-Too 4 httpie 4 markdown2 4 Pygments 4 starlette 4 barbican 4 Weblate 4 werkzeug 4 Radicale 4 keylime 4 bottle 4 qutebrowser 4 jwcrypto 4 Keystone 4 awsiotsdk 4 software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk 4 aws-iot-device-sdk-v2 4 Werkzeug 4 pretix 4 Red-DiscordBot 3 torchserve 3 langchain-experimental 3 streamlit 3 apache-libcloud 3 ujson 3 SQLAlchemy 3 Kallithea 3 pywasm3 3 mayan-edms 3 poetry 3 plone.supermodel 3 plone.app.dexterity 3 plone.app.theming 3 plone.app.event 3 gerapy 3 protobuf 3 dbt-core 3 bitlyshortener 3 pyyaml 3 sanic 3 vanna 3 sqlparse 3 ajenti 3 Products.PluggableAuthService 3 ydata-profiling 3 Nova 3 copyparty 3 httplib2 3 scikit-learn 3 django-helpdesk 3 jupyterlab 3 homeassistant 3 onnx 3 aim 3 indy-node 3 pyarrow 3 mitmproxy 3 pandasai 3 apache-iotdb 3 apache-airflow-providers-apache-spark 3 octavia 3 asyncua 3 certifi 3 slixmpp 3 openvpn-monitor 3 changedetection.io 3 flask 3 wger 3 keyring 3 clearml 3 docassemble.webapp 3 sosreport 3 mistune 3 sickrage 3 Mezzanine 3 io.grpc:grpc-protobuf 3 dtale 3 ansible-runner 3 localstack 3 django-tinymce 3 h2o 3 fava 3 TinyMCE 3