Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

pypi rdiffweb Security Advisories

Critical
GSA_kwCzR0hTQS1nNTk0LTU1bXAtZjZxOM4AAwRe
Improper Privilege Management in rdiffweb
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Published: 6 months ago
Moderate
GSA_kwCzR0hTQS00d3BoLTl2cm0tNnYzd84AAv6l
Rdiffweb vulnerable to Missing Authentication for Critical Function
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Published: 7 months ago
Moderate
GSA_kwCzR0hTQS05MmdmLXAzNzYtNnI5cs4AAvUF
Missing rate limit on rdiffweb
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Published: 8 months ago
Critical
GSA_kwCzR0hTQS1qdzM2LW1ydmctajVmeM4AAvjj
Rdiffweb subject to Business Logic Errors
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Published: 7 months ago
Critical
GSA_kwCzR0hTQS14OHgyLXdjMmgtd2M0OM4AAvV4
Missing rate limit on rdiffweb
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Published: 8 months ago
Critical
GSA_kwCzR0hTQS04MjR4LWpjeGYtaHBmZ84AAvUI
Origin Validation Error in rdiffweb
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Published: 8 months ago
High
GSA_kwCzR0hTQS1ocnJtLTg5NWgteGgzNM4AAvLR
rdiffweb Path Traversal vulnerability
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Published: 8 months ago
High
GSA_kwCzR0hTQS0zZmhxLTcyaHctanF3ds4AAvJb
rdiffweb's lack of token name length limit can result in DoS or memory corruption
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Published: 8 months ago
Moderate
GSA_kwCzR0hTQS04d3hmLWM0NXctZzY2Z84AAvIb
rdiffweb vulnerable to password complexity bypass leading to weak passwords
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Published: 8 months ago
High
GSA_kwCzR0hTQS1ocmo3LWY2MmYtajd4N84AAvFK
rdiffweb allows unlimited length of root directory name, which could result in DoS
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Published: 8 months ago
High
GSA_kwCzR0hTQS14aHc5LTR3cXEteDY3ds4AAvD_
rdiffweb vulnerable to potential DoS via memory consumption
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Published: 8 months ago
High
GSA_kwCzR0hTQS01djk1LWo0cnItNmYzY84AAvEt
rdiffweb's unlimited username field length can lead to DoS
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Published: 8 months ago
Moderate
GSA_kwCzR0hTQS05dnhmLW1jbTYtNW00Ms4AAu-C
rdiffweb CSRF could lead to disabling notifications in user profile
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Published: 9 months ago
Moderate
GSA_kwCzR0hTQS1jdzJ2LXd2NGctdzRwNs4AAu6H
rdiffweb CSRF vulnerability in admin area can lead to deletion of repositories and users
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Published: 9 months ago
High
GSA_kwCzR0hTQS12cTRoLXhyd2MtbTYzOc4AAu0X
rdiffweb CSRF vulnerability in profile's SSH keys can lead to unauthorized access
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Published: 9 months ago
Moderate
GSA_kwCzR0hTQS03ZnFtLWptNTItZjl2Y84AAvGZ
rdiffweb vulnerable to Use of Cache Containing Sensitive Information
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Published: 8 months ago
Moderate
GSA_kwCzR0hTQS1jaDRjLTI3OHEtNTY1NM4AAuyc
rdiffweb 2.4.1 Missing Custom Error Page
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Published: 9 months ago
High
GSA_kwCzR0hTQS1tanc0LXh2eDYtM2dyZ84AAuyq
rdiffweb 2.4.1 vulnerable to Sensitive Cookie in HTTPS Session Without 'Secure' Attribute
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Published: 9 months ago
Moderate
GSA_kwCzR0hTQS1mcWZnLWM1NzctMnZjM84AAvHR
rdiffweb's unlimited length Fullname field can lead to DoS
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Published: 8 months ago
Moderate
GSA_kwCzR0hTQS1tNzQ4LWhqcWctcnBwOM4AAu-1
rdiffweb has insecure HTTP cookies
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Published: 9 months ago
High
GSA_kwCzR0hTQS1tcDVwLWcyanYtcjhxd84AAuwS
rdiffweb 2.4.1 contains Weak Password Requirements
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Published: 9 months ago
Moderate
GSA_kwCzR0hTQS04ZzltLXZ2NjktN2o5Oc4AAvN5
rdiffweb vulnerable to Open Redirect
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Published: 8 months ago
Moderate
GSA_kwCzR0hTQS03d3I2LWZqNHgtODkzds4AAvLP
rdiffweb allows a new password to be the same as the previous password
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Published: 8 months ago
High
GSA_kwCzR0hTQS1tMzc5LXg0eGMtMzh4Oc4AAurl
rdiffweb vulnerable to Improper Restriction of Rendered UI Layers or Frames
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Published: 9 months ago
Moderate
GSA_kwCzR0hTQS03NGo2LTNoaDQtdzNmNc4AAu_i
rdiffweb Cross-Site Request Forgery vulnerability
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Published: 9 months ago
Critical
GSA_kwCzR0hTQS1qM3E0LWdtajQtbWo5Nc4AAvB7
rdiffweb vulnerable to account access via session fixation
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Published: 9 months ago
Moderate
GSA_kwCzR0hTQS02MzlmLWh4Y3YtODRtY84AAwgc
rdiffweb Open Redirect vulnerability
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Published: 6 months ago
High
GSA_kwCzR0hTQS1oNXdwLWpycWMtY3d3eM4AAwnl
rdiffweb vulnerable to Open Redirect
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Published: 5 months ago
Moderate
GSA_kwCzR0hTQS04M3BtLTd2NDgtNWpwNM4AAwnu
rdiffweb vulnerable to Special Element Injection
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Published: 5 months ago
Critical
GSA_kwCzR0hTQS1tOHI5LXF4eDgtbXJ4cM4AAwnn
rdiffweb Improper Access Control vulnerability
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Published: 5 months ago
High
GSA_kwCzR0hTQS13ZjMzLTZ4MzMtd2NmOc4AAwnp
rdiffweb vulnerable to Authentication Bypass by Primary Weakness
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Published: 5 months ago
Moderate
GSA_kwCzR0hTQS03cTRyLXg1cWctbW1jcM4AAwns
rdiffweb has no rate limit on resend email feature
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Published: 5 months ago
Moderate
GSA_kwCzR0hTQS04NWZwLTUyM3EtNXh3Y84AAwgY
rdiffweb vulnerable to Cross-Site Request Forgery
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Published: 6 months ago
Critical
GSA_kwCzR0hTQS05NHFtLTk5cWMtcXdxas4AAv4Y
rdiffweb vulnerable to Insufficient Session Expiration
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Published: 7 months ago
Critical
GSA_kwCzR0hTQS05OWo1LWZ2ZzMtNTRwbc4AAvef
Rdiffweb is missing authentication for critical function
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Published: 8 months ago
Low
GSA_kwCzR0hTQS1xcTI5LTV2amgtdnh3cs4AAvFY
rdiffweb vulnerable to Improper Cleanup on Thrown Exception
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Published: 8 months ago
High
GSA_kwCzR0hTQS1xcmozLWhyZ2otZm03cs4AAvD8
rdiffweb's unlimited length email field can lead to DoS
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Published: 8 months ago
Moderate
GSA_kwCzR0hTQS0yd3B3LWNtOXctdjR4bc4AAwnq
rdiffweb vulnerable to Business Logic Errors
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Published: 5 months ago
High
GSA_kwCzR0hTQS1nbWo4LTg0cjQtaDQ2as4AAu_k
rdiffweb Cross-Site Request Forgery vulnerability can lead to user email ID being changed
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Published: 9 months ago
High
GSA_kwCzR0hTQS05ZzN2LXYyNHEtamo1cM4AAvLV
rdiffweb does not have a rate limit on incorrect password attempts to prevent brute force attacks
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Published: 8 months ago