Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/rdiffweb@2.4.6
Typepypi
Namespace
Namerdiffweb
Version2.4.6
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version2.8.4
Latest_non_vulnerable_version2.8.4
Affected_by_vulnerabilities
0
url VCID-1fg8-rcx8-77fq
vulnerability_id VCID-1fg8-rcx8-77fq
summary Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.4.7.
references
0
reference_url https://github.com/ikus060/rdiffweb/commit/e974df75bdbcff3996ad70bd1b4424ec1485ea3f
reference_id
reference_type
scores
url https://github.com/ikus060/rdiffweb/commit/e974df75bdbcff3996ad70bd1b4424ec1485ea3f
1
reference_url https://huntr.dev/bounties/8834c356-4ddb-4be7-898b-d76f480e9c3f
reference_id
reference_type
scores
url https://huntr.dev/bounties/8834c356-4ddb-4be7-898b-d76f480e9c3f
fixed_packages
0
url pkg:pypi/rdiffweb@2.4.7
purl pkg:pypi/rdiffweb@2.4.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-25yw-5nru-aygm
1
vulnerability VCID-287j-23ju-9fhk
2
vulnerability VCID-29xz-5wxu-ybed
3
vulnerability VCID-52wf-fheq-cuer
4
vulnerability VCID-57wc-s2nn-cyeu
5
vulnerability VCID-5xg7-u3nr-nkfg
6
vulnerability VCID-6zc1-xs64-1bc6
7
vulnerability VCID-9f5c-ne9b-27fd
8
vulnerability VCID-dpbu-gy6u-abd3
9
vulnerability VCID-ep38-eu98-fbas
10
vulnerability VCID-fcym-y8c1-xqdq
11
vulnerability VCID-h6v3-24fq-3udw
12
vulnerability VCID-mr71-9e9c-zbda
13
vulnerability VCID-n88y-9qre-n3bz
14
vulnerability VCID-nc4e-1muy-1kd7
15
vulnerability VCID-ps4e-cg34-wyah
16
vulnerability VCID-qcsd-5htt-h3ev
17
vulnerability VCID-rynh-v7q5-6kdg
18
vulnerability VCID-sn4z-f439-6qe7
19
vulnerability VCID-tv4c-g8r6-xbf6
20
vulnerability VCID-vmrb-sm2h-hqf1
21
vulnerability VCID-wyn5-w4qh-nfht
22
vulnerability VCID-yssm-eyx3-efhs
23
vulnerability VCID-yz9x-nz9u-wybe
24
vulnerability VCID-zzjz-9wv2-vfcc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/rdiffweb@2.4.7
aliases CVE-2022-3274, PYSEC-2022-289
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1fg8-rcx8-77fq
1
url VCID-25yw-5nru-aygm
vulnerability_id VCID-25yw-5nru-aygm
summary Improper Privilege Management in GitHub repository ikus060/rdiffweb prior to 2.5.2.
references
0
reference_url https://github.com/ikus060/rdiffweb/commit/b2df3679564d0daa2856213bb307d3e34bd89a25
reference_id
reference_type
scores
url https://github.com/ikus060/rdiffweb/commit/b2df3679564d0daa2856213bb307d3e34bd89a25
1
reference_url https://huntr.dev/bounties/b2dc504d-92ae-4221-a096-12ff223d95a8
reference_id
reference_type
scores
url https://huntr.dev/bounties/b2dc504d-92ae-4221-a096-12ff223d95a8
fixed_packages
0
url pkg:pypi/rdiffweb@2.5.2
purl pkg:pypi/rdiffweb@2.5.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-287j-23ju-9fhk
1
vulnerability VCID-52wf-fheq-cuer
2
vulnerability VCID-57wc-s2nn-cyeu
3
vulnerability VCID-6zc1-xs64-1bc6
4
vulnerability VCID-ep38-eu98-fbas
5
vulnerability VCID-h6v3-24fq-3udw
6
vulnerability VCID-qcsd-5htt-h3ev
7
vulnerability VCID-tv4c-g8r6-xbf6
8
vulnerability VCID-wyn5-w4qh-nfht
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/rdiffweb@2.5.2
aliases CVE-2022-4314, PYSEC-2022-43002
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-25yw-5nru-aygm
2
url VCID-287j-23ju-9fhk
vulnerability_id VCID-287j-23ju-9fhk
summary Open Redirect in GitHub repository ikus060/rdiffweb prior to 2.5.5.
references
0
reference_url https://github.com/ikus060/rdiffweb/commit/6afaae56a29536f0118b3380d296c416aa6d078d
reference_id
reference_type
scores
url https://github.com/ikus060/rdiffweb/commit/6afaae56a29536f0118b3380d296c416aa6d078d
1
reference_url https://huntr.dev/bounties/339687af-6e25-4ad8-823d-c097f607ea70
reference_id
reference_type
scores
url https://huntr.dev/bounties/339687af-6e25-4ad8-823d-c097f607ea70
fixed_packages
0
url pkg:pypi/rdiffweb@2.5.5
purl pkg:pypi/rdiffweb@2.5.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-52wf-fheq-cuer
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/rdiffweb@2.5.5
aliases CVE-2022-4720, PYSEC-2022-43006
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-287j-23ju-9fhk
3
url VCID-29xz-5wxu-ybed
vulnerability_id VCID-29xz-5wxu-ybed
summary Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.4.8.
references
0
reference_url https://github.com/ikus060/rdiffweb/commit/626cca1b75b6c587afd4241a9692e8929b1921a5
reference_id
reference_type
scores
url https://github.com/ikus060/rdiffweb/commit/626cca1b75b6c587afd4241a9692e8929b1921a5
1
reference_url https://huntr.dev/bounties/f9fedf94-41c9-49c4-8552-e407123a44e7
reference_id
reference_type
scores
url https://huntr.dev/bounties/f9fedf94-41c9-49c4-8552-e407123a44e7
fixed_packages
0
url pkg:pypi/rdiffweb@2.4.8
purl pkg:pypi/rdiffweb@2.4.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-25yw-5nru-aygm
1
vulnerability VCID-287j-23ju-9fhk
2
vulnerability VCID-52wf-fheq-cuer
3
vulnerability VCID-57wc-s2nn-cyeu
4
vulnerability VCID-5xg7-u3nr-nkfg
5
vulnerability VCID-6zc1-xs64-1bc6
6
vulnerability VCID-9f5c-ne9b-27fd
7
vulnerability VCID-ep38-eu98-fbas
8
vulnerability VCID-fcym-y8c1-xqdq
9
vulnerability VCID-h6v3-24fq-3udw
10
vulnerability VCID-n88y-9qre-n3bz
11
vulnerability VCID-ps4e-cg34-wyah
12
vulnerability VCID-qcsd-5htt-h3ev
13
vulnerability VCID-rynh-v7q5-6kdg
14
vulnerability VCID-sn4z-f439-6qe7
15
vulnerability VCID-tv4c-g8r6-xbf6
16
vulnerability VCID-wyn5-w4qh-nfht
17
vulnerability VCID-yssm-eyx3-efhs
18
vulnerability VCID-yz9x-nz9u-wybe
19
vulnerability VCID-zzjz-9wv2-vfcc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/rdiffweb@2.4.8
aliases CVE-2022-3298, PYSEC-2022-294
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-29xz-5wxu-ybed
4
url VCID-52wf-fheq-cuer
vulnerability_id VCID-52wf-fheq-cuer
summary Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.8.4.
references
0
reference_url https://github.com/ikus060/rdiffweb
reference_id
reference_type
scores
url https://github.com/ikus060/rdiffweb
1
reference_url https://github.com/ikus060/rdiffweb/commit/06f89b43469aae70e8833e55192721523f86c5a2
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://github.com/ikus060/rdiffweb/commit/06f89b43469aae70e8833e55192721523f86c5a2
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/rdiffweb/PYSEC-2023-186.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/rdiffweb/PYSEC-2023-186.yaml
3
reference_url https://huntr.dev/bounties/8d0e0804-d3fd-49fe-bfa4-7a91135767ce
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://huntr.dev/bounties/8d0e0804-d3fd-49fe-bfa4-7a91135767ce
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-5289
reference_id CVE-2023-5289
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-5289
5
reference_url https://github.com/advisories/GHSA-c4rv-2j6x-pq7x
reference_id GHSA-c4rv-2j6x-pq7x
reference_type
scores
url https://github.com/advisories/GHSA-c4rv-2j6x-pq7x
fixed_packages
0
url pkg:pypi/rdiffweb@2.8.4
purl pkg:pypi/rdiffweb@2.8.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/rdiffweb@2.8.4
aliases CVE-2023-5289, GHSA-c4rv-2j6x-pq7x, PYSEC-2023-186
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-52wf-fheq-cuer
5
url VCID-57wc-s2nn-cyeu
vulnerability_id VCID-57wc-s2nn-cyeu
summary Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.5.4.
references
0
reference_url https://github.com/ikus060/rdiffweb/commit/e6f0d8002129be90fe82fa3e3ea0a6942caba398
reference_id
reference_type
scores
url https://github.com/ikus060/rdiffweb/commit/e6f0d8002129be90fe82fa3e3ea0a6942caba398
1
reference_url https://huntr.dev/bounties/17bc1b0f-1f5c-432f-88e4-c9866ccf6e10
reference_id
reference_type
scores
url https://huntr.dev/bounties/17bc1b0f-1f5c-432f-88e4-c9866ccf6e10
fixed_packages
0
url pkg:pypi/rdiffweb@2.5.4
purl pkg:pypi/rdiffweb@2.5.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-287j-23ju-9fhk
1
vulnerability VCID-52wf-fheq-cuer
2
vulnerability VCID-6zc1-xs64-1bc6
3
vulnerability VCID-ep38-eu98-fbas
4
vulnerability VCID-h6v3-24fq-3udw
5
vulnerability VCID-qcsd-5htt-h3ev
6
vulnerability VCID-wyn5-w4qh-nfht
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/rdiffweb@2.5.4
aliases CVE-2022-4646, PYSEC-2022-43004
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-57wc-s2nn-cyeu
6
url VCID-5xg7-u3nr-nkfg
vulnerability_id VCID-5xg7-u3nr-nkfg
summary Insufficient Session Expiration in GitHub repository ikus060/rdiffweb prior to 2.5.0.
references
0
reference_url https://github.com/ikus060/rdiffweb/commit/6efb995bc32c8a8e9ad755eb813dec991dffb2b8
reference_id
reference_type
scores
url https://github.com/ikus060/rdiffweb/commit/6efb995bc32c8a8e9ad755eb813dec991dffb2b8
1
reference_url https://huntr.dev/bounties/ca428c31-858d-47fa-adc9-2a59f8e8b2b1
reference_id
reference_type
scores
url https://huntr.dev/bounties/ca428c31-858d-47fa-adc9-2a59f8e8b2b1
fixed_packages
0
url pkg:pypi/rdiffweb@2.5.0
purl pkg:pypi/rdiffweb@2.5.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-25yw-5nru-aygm
1
vulnerability VCID-287j-23ju-9fhk
2
vulnerability VCID-52wf-fheq-cuer
3
vulnerability VCID-57wc-s2nn-cyeu
4
vulnerability VCID-6zc1-xs64-1bc6
5
vulnerability VCID-ep38-eu98-fbas
6
vulnerability VCID-h6v3-24fq-3udw
7
vulnerability VCID-qcsd-5htt-h3ev
8
vulnerability VCID-tv4c-g8r6-xbf6
9
vulnerability VCID-wyn5-w4qh-nfht
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/rdiffweb@2.5.0
aliases CVE-2022-3362, PYSEC-2022-43000
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5xg7-u3nr-nkfg
7
url VCID-6zc1-xs64-1bc6
vulnerability_id VCID-6zc1-xs64-1bc6
summary Improper Access Control in GitHub repository ikus060/rdiffweb prior to 2.5.5.
references
0
reference_url https://github.com/ikus060/rdiffweb/commit/c4a19cf67d575c4886171b8efcbf4675d51f3929
reference_id
reference_type
scores
url https://github.com/ikus060/rdiffweb/commit/c4a19cf67d575c4886171b8efcbf4675d51f3929
1
reference_url https://huntr.dev/bounties/e6fb1931-8d9c-4895-be4a-59839b4b6445
reference_id
reference_type
scores
url https://huntr.dev/bounties/e6fb1931-8d9c-4895-be4a-59839b4b6445
fixed_packages
0
url pkg:pypi/rdiffweb@2.5.5
purl pkg:pypi/rdiffweb@2.5.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-52wf-fheq-cuer
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/rdiffweb@2.5.5
aliases CVE-2022-4724, PYSEC-2022-43010
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6zc1-xs64-1bc6
8
url VCID-9f5c-ne9b-27fd
vulnerability_id VCID-9f5c-ne9b-27fd
summary Missing Authentication for Critical Function in GitHub repository ikus060/rdiffweb prior to 2.5.0a6.
references
0
reference_url https://github.com/ikus060/rdiffweb/commit/f2a32f2a9f3fb8be1a9432ac3d81d3aacdb13095
reference_id
reference_type
scores
url https://github.com/ikus060/rdiffweb/commit/f2a32f2a9f3fb8be1a9432ac3d81d3aacdb13095
1
reference_url https://huntr.dev/bounties/5340c2f6-0252-40f6-8929-cca5d64958a5
reference_id
reference_type
scores
url https://huntr.dev/bounties/5340c2f6-0252-40f6-8929-cca5d64958a5
fixed_packages
0
url pkg:pypi/rdiffweb@2.4.11a1
purl pkg:pypi/rdiffweb@2.4.11a1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-25yw-5nru-aygm
1
vulnerability VCID-287j-23ju-9fhk
2
vulnerability VCID-52wf-fheq-cuer
3
vulnerability VCID-57wc-s2nn-cyeu
4
vulnerability VCID-5xg7-u3nr-nkfg
5
vulnerability VCID-6zc1-xs64-1bc6
6
vulnerability VCID-ep38-eu98-fbas
7
vulnerability VCID-fcym-y8c1-xqdq
8
vulnerability VCID-h6v3-24fq-3udw
9
vulnerability VCID-n88y-9qre-n3bz
10
vulnerability VCID-ps4e-cg34-wyah
11
vulnerability VCID-qcsd-5htt-h3ev
12
vulnerability VCID-rynh-v7q5-6kdg
13
vulnerability VCID-tv4c-g8r6-xbf6
14
vulnerability VCID-wyn5-w4qh-nfht
15
vulnerability VCID-yssm-eyx3-efhs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/rdiffweb@2.4.11a1
aliases CVE-2022-4018, PYSEC-2022-43001
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9f5c-ne9b-27fd
9
url VCID-dpbu-gy6u-abd3
vulnerability_id VCID-dpbu-gy6u-abd3
summary Improper Handling of Length Parameter Inconsistency in GitHub repository ikus060/rdiffweb prior to 2.4.8.
references
0
reference_url https://github.com/ikus060/rdiffweb/commit/667657c6fe2b336c90be37f37fb92f65df4feee3
reference_id
reference_type
scores
url https://github.com/ikus060/rdiffweb/commit/667657c6fe2b336c90be37f37fb92f65df4feee3
1
reference_url https://huntr.dev/bounties/733678b9-daa1-4d6a-875a-382fa09a6e38
reference_id
reference_type
scores
url https://huntr.dev/bounties/733678b9-daa1-4d6a-875a-382fa09a6e38
fixed_packages
0
url pkg:pypi/rdiffweb@2.4.8
purl pkg:pypi/rdiffweb@2.4.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-25yw-5nru-aygm
1
vulnerability VCID-287j-23ju-9fhk
2
vulnerability VCID-52wf-fheq-cuer
3
vulnerability VCID-57wc-s2nn-cyeu
4
vulnerability VCID-5xg7-u3nr-nkfg
5
vulnerability VCID-6zc1-xs64-1bc6
6
vulnerability VCID-9f5c-ne9b-27fd
7
vulnerability VCID-ep38-eu98-fbas
8
vulnerability VCID-fcym-y8c1-xqdq
9
vulnerability VCID-h6v3-24fq-3udw
10
vulnerability VCID-n88y-9qre-n3bz
11
vulnerability VCID-ps4e-cg34-wyah
12
vulnerability VCID-qcsd-5htt-h3ev
13
vulnerability VCID-rynh-v7q5-6kdg
14
vulnerability VCID-sn4z-f439-6qe7
15
vulnerability VCID-tv4c-g8r6-xbf6
16
vulnerability VCID-wyn5-w4qh-nfht
17
vulnerability VCID-yssm-eyx3-efhs
18
vulnerability VCID-yz9x-nz9u-wybe
19
vulnerability VCID-zzjz-9wv2-vfcc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/rdiffweb@2.4.8
aliases CVE-2022-3272, PYSEC-2022-291
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dpbu-gy6u-abd3
10
url VCID-ep38-eu98-fbas
vulnerability_id VCID-ep38-eu98-fbas
summary Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) in GitHub repository ikus060/rdiffweb prior to 2.5.5.
references
0
reference_url https://github.com/ikus060/rdiffweb/commit/6afaae56a29536f0118b3380d296c416aa6d078d
reference_id
reference_type
scores
url https://github.com/ikus060/rdiffweb/commit/6afaae56a29536f0118b3380d296c416aa6d078d
1
reference_url https://huntr.dev/bounties/3c48ef5d-da4d-4ee4-aaca-af65e7273720
reference_id
reference_type
scores
url https://huntr.dev/bounties/3c48ef5d-da4d-4ee4-aaca-af65e7273720
fixed_packages
0
url pkg:pypi/rdiffweb@2.5.5
purl pkg:pypi/rdiffweb@2.5.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-52wf-fheq-cuer
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/rdiffweb@2.5.5
aliases CVE-2022-4721, PYSEC-2022-43007
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ep38-eu98-fbas
11
url VCID-fcym-y8c1-xqdq
vulnerability_id VCID-fcym-y8c1-xqdq
summary Origin Validation Error in GitHub repository ikus060/rdiffweb prior to 2.5.0a5.
references
0
reference_url https://github.com/ikus060/rdiffweb/commit/afc1bdfab5161c74012ff2590a6ec49cc0d8fde0
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://github.com/ikus060/rdiffweb/commit/afc1bdfab5161c74012ff2590a6ec49cc0d8fde0
1
reference_url https://huntr.dev/bounties/cfcab02e-d6ad-4dcf-b1b0-da90434bc55b
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://huntr.dev/bounties/cfcab02e-d6ad-4dcf-b1b0-da90434bc55b
fixed_packages
0
url pkg:pypi/rdiffweb@2.5.0
purl pkg:pypi/rdiffweb@2.5.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-25yw-5nru-aygm
1
vulnerability VCID-287j-23ju-9fhk
2
vulnerability VCID-52wf-fheq-cuer
3
vulnerability VCID-57wc-s2nn-cyeu
4
vulnerability VCID-6zc1-xs64-1bc6
5
vulnerability VCID-ep38-eu98-fbas
6
vulnerability VCID-h6v3-24fq-3udw
7
vulnerability VCID-qcsd-5htt-h3ev
8
vulnerability VCID-tv4c-g8r6-xbf6
9
vulnerability VCID-wyn5-w4qh-nfht
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/rdiffweb@2.5.0
aliases CVE-2022-3457, PYSEC-2022-43161
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fcym-y8c1-xqdq
12
url VCID-h6v3-24fq-3udw
vulnerability_id VCID-h6v3-24fq-3udw
summary Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.5.
references
0
reference_url https://github.com/ikus060/rdiffweb/commit/6e9ee210548f6d3210704cac302cfc7cdb239765
reference_id
reference_type
scores
url https://github.com/ikus060/rdiffweb/commit/6e9ee210548f6d3210704cac302cfc7cdb239765
1
reference_url https://huntr.dev/bounties/9369681b-8bfc-4146-a54c-c5108442d92c
reference_id
reference_type
scores
url https://huntr.dev/bounties/9369681b-8bfc-4146-a54c-c5108442d92c
fixed_packages
0
url pkg:pypi/rdiffweb@2.5.5
purl pkg:pypi/rdiffweb@2.5.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-52wf-fheq-cuer
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/rdiffweb@2.5.5
aliases CVE-2022-4723, PYSEC-2022-43009
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h6v3-24fq-3udw
13
url VCID-mr71-9e9c-zbda
vulnerability_id VCID-mr71-9e9c-zbda
summary Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.4.8.
references
0
reference_url https://github.com/ikus060/rdiffweb/commit/667657c6fe2b336c90be37f37fb92f65df4feee3
reference_id
reference_type
scores
url https://github.com/ikus060/rdiffweb/commit/667657c6fe2b336c90be37f37fb92f65df4feee3
1
reference_url https://huntr.dev/bounties/202dd03a-3d97-4c64-bc73-1a0f36614233
reference_id
reference_type
scores
url https://huntr.dev/bounties/202dd03a-3d97-4c64-bc73-1a0f36614233
fixed_packages
0
url pkg:pypi/rdiffweb@2.4.8
purl pkg:pypi/rdiffweb@2.4.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-25yw-5nru-aygm
1
vulnerability VCID-287j-23ju-9fhk
2
vulnerability VCID-52wf-fheq-cuer
3
vulnerability VCID-57wc-s2nn-cyeu
4
vulnerability VCID-5xg7-u3nr-nkfg
5
vulnerability VCID-6zc1-xs64-1bc6
6
vulnerability VCID-9f5c-ne9b-27fd
7
vulnerability VCID-ep38-eu98-fbas
8
vulnerability VCID-fcym-y8c1-xqdq
9
vulnerability VCID-h6v3-24fq-3udw
10
vulnerability VCID-n88y-9qre-n3bz
11
vulnerability VCID-ps4e-cg34-wyah
12
vulnerability VCID-qcsd-5htt-h3ev
13
vulnerability VCID-rynh-v7q5-6kdg
14
vulnerability VCID-sn4z-f439-6qe7
15
vulnerability VCID-tv4c-g8r6-xbf6
16
vulnerability VCID-wyn5-w4qh-nfht
17
vulnerability VCID-yssm-eyx3-efhs
18
vulnerability VCID-yz9x-nz9u-wybe
19
vulnerability VCID-zzjz-9wv2-vfcc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/rdiffweb@2.4.8
aliases CVE-2022-3295, PYSEC-2022-293
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mr71-9e9c-zbda
14
url VCID-n88y-9qre-n3bz
vulnerability_id VCID-n88y-9qre-n3bz
summary Open Redirect in GitHub repository ikus060/rdiffweb prior to 2.5.0a4.
references
0
reference_url https://github.com/ikus060/rdiffweb/commit/4d464b467f14b8eb9103d7f5f0774e49995527c7
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://github.com/ikus060/rdiffweb/commit/4d464b467f14b8eb9103d7f5f0774e49995527c7
1
reference_url https://huntr.dev/bounties/bc5689e4-221a-4200-a8ab-42c659f89f67
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://huntr.dev/bounties/bc5689e4-221a-4200-a8ab-42c659f89f67
fixed_packages
0
url pkg:pypi/rdiffweb@2.5.0
purl pkg:pypi/rdiffweb@2.5.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-25yw-5nru-aygm
1
vulnerability VCID-287j-23ju-9fhk
2
vulnerability VCID-52wf-fheq-cuer
3
vulnerability VCID-57wc-s2nn-cyeu
4
vulnerability VCID-6zc1-xs64-1bc6
5
vulnerability VCID-ep38-eu98-fbas
6
vulnerability VCID-h6v3-24fq-3udw
7
vulnerability VCID-qcsd-5htt-h3ev
8
vulnerability VCID-tv4c-g8r6-xbf6
9
vulnerability VCID-wyn5-w4qh-nfht
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/rdiffweb@2.5.0
aliases CVE-2022-3438, PYSEC-2022-43158
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n88y-9qre-n3bz
15
url VCID-nc4e-1muy-1kd7
vulnerability_id VCID-nc4e-1muy-1kd7
summary Improper Cleanup on Thrown Exception in GitHub repository ikus060/rdiffweb prior to 2.4.8.
references
0
reference_url https://github.com/ikus060/rdiffweb/commit/5ac38b2a75becbab9f948bd5e37ecbcd9f0b362e
reference_id
reference_type
scores
url https://github.com/ikus060/rdiffweb/commit/5ac38b2a75becbab9f948bd5e37ecbcd9f0b362e
1
reference_url https://huntr.dev/bounties/d3bf1e5d-055a-44b8-8d60-54ab966ed63a
reference_id
reference_type
scores
url https://huntr.dev/bounties/d3bf1e5d-055a-44b8-8d60-54ab966ed63a
fixed_packages
0
url pkg:pypi/rdiffweb@2.4.8
purl pkg:pypi/rdiffweb@2.4.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-25yw-5nru-aygm
1
vulnerability VCID-287j-23ju-9fhk
2
vulnerability VCID-52wf-fheq-cuer
3
vulnerability VCID-57wc-s2nn-cyeu
4
vulnerability VCID-5xg7-u3nr-nkfg
5
vulnerability VCID-6zc1-xs64-1bc6
6
vulnerability VCID-9f5c-ne9b-27fd
7
vulnerability VCID-ep38-eu98-fbas
8
vulnerability VCID-fcym-y8c1-xqdq
9
vulnerability VCID-h6v3-24fq-3udw
10
vulnerability VCID-n88y-9qre-n3bz
11
vulnerability VCID-ps4e-cg34-wyah
12
vulnerability VCID-qcsd-5htt-h3ev
13
vulnerability VCID-rynh-v7q5-6kdg
14
vulnerability VCID-sn4z-f439-6qe7
15
vulnerability VCID-tv4c-g8r6-xbf6
16
vulnerability VCID-wyn5-w4qh-nfht
17
vulnerability VCID-yssm-eyx3-efhs
18
vulnerability VCID-yz9x-nz9u-wybe
19
vulnerability VCID-zzjz-9wv2-vfcc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/rdiffweb@2.4.8
aliases CVE-2022-3301, PYSEC-2022-295
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nc4e-1muy-1kd7
16
url VCID-ps4e-cg34-wyah
vulnerability_id VCID-ps4e-cg34-wyah
summary Business Logic Errors in GitHub repository ikus060/rdiffweb prior to 2.5.0a7.
references
0
reference_url https://github.com/ikus060/rdiffweb/commit/c27c46bac656b1da74f28eac1b52dfa5df76e6f2
reference_id
reference_type
scores
url https://github.com/ikus060/rdiffweb/commit/c27c46bac656b1da74f28eac1b52dfa5df76e6f2
1
reference_url https://huntr.dev/bounties/b8a40ba6-2452-4abe-a80a-2d065ee8891e
reference_id
reference_type
scores
url https://huntr.dev/bounties/b8a40ba6-2452-4abe-a80a-2d065ee8891e
fixed_packages
0
url pkg:pypi/rdiffweb@2.5.0
purl pkg:pypi/rdiffweb@2.5.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-25yw-5nru-aygm
1
vulnerability VCID-287j-23ju-9fhk
2
vulnerability VCID-52wf-fheq-cuer
3
vulnerability VCID-57wc-s2nn-cyeu
4
vulnerability VCID-6zc1-xs64-1bc6
5
vulnerability VCID-ep38-eu98-fbas
6
vulnerability VCID-h6v3-24fq-3udw
7
vulnerability VCID-qcsd-5htt-h3ev
8
vulnerability VCID-tv4c-g8r6-xbf6
9
vulnerability VCID-wyn5-w4qh-nfht
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/rdiffweb@2.5.0
aliases CVE-2022-3363, PYSEC-2022-42978
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ps4e-cg34-wyah
17
url VCID-qcsd-5htt-h3ev
vulnerability_id VCID-qcsd-5htt-h3ev
summary Authentication Bypass by Primary Weakness in GitHub repository ikus060/rdiffweb prior to 2.5.5.
references
0
reference_url https://github.com/ikus060/rdiffweb/commit/d1aaa96b665a39fba9e98d6054a9de511ba0a837
reference_id
reference_type
scores
url https://github.com/ikus060/rdiffweb/commit/d1aaa96b665a39fba9e98d6054a9de511ba0a837
1
reference_url https://huntr.dev/bounties/c62126dc-d9a6-4d3e-988d-967031876c58
reference_id
reference_type
scores
url https://huntr.dev/bounties/c62126dc-d9a6-4d3e-988d-967031876c58
fixed_packages
0
url pkg:pypi/rdiffweb@2.5.5
purl pkg:pypi/rdiffweb@2.5.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-52wf-fheq-cuer
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/rdiffweb@2.5.5
aliases CVE-2022-4722, PYSEC-2022-43008
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qcsd-5htt-h3ev
18
url VCID-rynh-v7q5-6kdg
vulnerability_id VCID-rynh-v7q5-6kdg
summary Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.0.
references
0
reference_url https://github.com/ikus060/rdiffweb/commit/b78ec09f4582e363f6f449df6f987127e126c311
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://github.com/ikus060/rdiffweb/commit/b78ec09f4582e363f6f449df6f987127e126c311
1
reference_url https://huntr.dev/bounties/37b86c45-b240-4626-bd53-b6f02d10e0d7
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://huntr.dev/bounties/37b86c45-b240-4626-bd53-b6f02d10e0d7
fixed_packages
0
url pkg:pypi/rdiffweb@2.5.0
purl pkg:pypi/rdiffweb@2.5.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-25yw-5nru-aygm
1
vulnerability VCID-287j-23ju-9fhk
2
vulnerability VCID-52wf-fheq-cuer
3
vulnerability VCID-57wc-s2nn-cyeu
4
vulnerability VCID-6zc1-xs64-1bc6
5
vulnerability VCID-ep38-eu98-fbas
6
vulnerability VCID-h6v3-24fq-3udw
7
vulnerability VCID-qcsd-5htt-h3ev
8
vulnerability VCID-tv4c-g8r6-xbf6
9
vulnerability VCID-wyn5-w4qh-nfht
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/rdiffweb@2.5.0
aliases CVE-2022-3439, PYSEC-2022-43159
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rynh-v7q5-6kdg
19
url VCID-sn4z-f439-6qe7
vulnerability_id VCID-sn4z-f439-6qe7
summary Weak Password Requirements in GitHub repository ikus060/rdiffweb prior to 2.5.0a4.
references
0
reference_url https://github.com/ikus060/rdiffweb/commit/2ffc2af65c8f8113b06e0b89929c604bcdf844b9
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://github.com/ikus060/rdiffweb/commit/2ffc2af65c8f8113b06e0b89929c604bcdf844b9
1
reference_url https://huntr.dev/bounties/a9021e93-6d18-4ac1-98ce-550c4697a4ed
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://huntr.dev/bounties/a9021e93-6d18-4ac1-98ce-550c4697a4ed
fixed_packages
0
url pkg:pypi/rdiffweb@2.4.11a1
purl pkg:pypi/rdiffweb@2.4.11a1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-25yw-5nru-aygm
1
vulnerability VCID-287j-23ju-9fhk
2
vulnerability VCID-52wf-fheq-cuer
3
vulnerability VCID-57wc-s2nn-cyeu
4
vulnerability VCID-5xg7-u3nr-nkfg
5
vulnerability VCID-6zc1-xs64-1bc6
6
vulnerability VCID-ep38-eu98-fbas
7
vulnerability VCID-fcym-y8c1-xqdq
8
vulnerability VCID-h6v3-24fq-3udw
9
vulnerability VCID-n88y-9qre-n3bz
10
vulnerability VCID-ps4e-cg34-wyah
11
vulnerability VCID-qcsd-5htt-h3ev
12
vulnerability VCID-rynh-v7q5-6kdg
13
vulnerability VCID-tv4c-g8r6-xbf6
14
vulnerability VCID-wyn5-w4qh-nfht
15
vulnerability VCID-yssm-eyx3-efhs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/rdiffweb@2.4.11a1
aliases CVE-2022-3376, PYSEC-2022-43157
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sn4z-f439-6qe7
20
url VCID-t1sj-158f-efey
vulnerability_id VCID-t1sj-158f-efey
summary Session Fixation in GitHub repository ikus060/rdiffweb prior to 2.4.7.
references
0
reference_url https://github.com/ikus060/rdiffweb/commit/39e7dcd4a1f44d2a7bd92b79d78a800910b1b22b
reference_id
reference_type
scores
url https://github.com/ikus060/rdiffweb/commit/39e7dcd4a1f44d2a7bd92b79d78a800910b1b22b
1
reference_url https://huntr.dev/bounties/67c25969-5e7a-4424-817e-e1a918f63cc6
reference_id
reference_type
scores
url https://huntr.dev/bounties/67c25969-5e7a-4424-817e-e1a918f63cc6
fixed_packages
0
url pkg:pypi/rdiffweb@2.4.7
purl pkg:pypi/rdiffweb@2.4.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-25yw-5nru-aygm
1
vulnerability VCID-287j-23ju-9fhk
2
vulnerability VCID-29xz-5wxu-ybed
3
vulnerability VCID-52wf-fheq-cuer
4
vulnerability VCID-57wc-s2nn-cyeu
5
vulnerability VCID-5xg7-u3nr-nkfg
6
vulnerability VCID-6zc1-xs64-1bc6
7
vulnerability VCID-9f5c-ne9b-27fd
8
vulnerability VCID-dpbu-gy6u-abd3
9
vulnerability VCID-ep38-eu98-fbas
10
vulnerability VCID-fcym-y8c1-xqdq
11
vulnerability VCID-h6v3-24fq-3udw
12
vulnerability VCID-mr71-9e9c-zbda
13
vulnerability VCID-n88y-9qre-n3bz
14
vulnerability VCID-nc4e-1muy-1kd7
15
vulnerability VCID-ps4e-cg34-wyah
16
vulnerability VCID-qcsd-5htt-h3ev
17
vulnerability VCID-rynh-v7q5-6kdg
18
vulnerability VCID-sn4z-f439-6qe7
19
vulnerability VCID-tv4c-g8r6-xbf6
20
vulnerability VCID-vmrb-sm2h-hqf1
21
vulnerability VCID-wyn5-w4qh-nfht
22
vulnerability VCID-yssm-eyx3-efhs
23
vulnerability VCID-yz9x-nz9u-wybe
24
vulnerability VCID-zzjz-9wv2-vfcc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/rdiffweb@2.4.7
aliases CVE-2022-3269, PYSEC-2022-290
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t1sj-158f-efey
21
url VCID-tv4c-g8r6-xbf6
vulnerability_id VCID-tv4c-g8r6-xbf6
summary Open Redirect in GitHub repository ikus060/rdiffweb prior to 2.5.4.
references
0
reference_url https://github.com/ikus060/rdiffweb/commit/5f861670ef8f38ca8eea52a98672d0e0fabb5368
reference_id
reference_type
scores
url https://github.com/ikus060/rdiffweb/commit/5f861670ef8f38ca8eea52a98672d0e0fabb5368
1
reference_url https://huntr.dev/bounties/77e5f425-c764-4cb0-936a-7a76bfcf19b0
reference_id
reference_type
scores
url https://huntr.dev/bounties/77e5f425-c764-4cb0-936a-7a76bfcf19b0
fixed_packages
0
url pkg:pypi/rdiffweb@2.5.4
purl pkg:pypi/rdiffweb@2.5.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-287j-23ju-9fhk
1
vulnerability VCID-52wf-fheq-cuer
2
vulnerability VCID-6zc1-xs64-1bc6
3
vulnerability VCID-ep38-eu98-fbas
4
vulnerability VCID-h6v3-24fq-3udw
5
vulnerability VCID-qcsd-5htt-h3ev
6
vulnerability VCID-wyn5-w4qh-nfht
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/rdiffweb@2.5.4
aliases CVE-2022-4644, PYSEC-2022-43003
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tv4c-g8r6-xbf6
22
url VCID-vmrb-sm2h-hqf1
vulnerability_id VCID-vmrb-sm2h-hqf1
summary Improper Handling of Length Parameter Inconsistency in GitHub repository ikus060/rdiffweb prior to 2.4.8.
references
0
reference_url https://github.com/ikus060/rdiffweb/commit/667657c6fe2b336c90be37f37fb92f65df4feee3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://github.com/ikus060/rdiffweb/commit/667657c6fe2b336c90be37f37fb92f65df4feee3
1
reference_url https://huntr.dev/bounties/d8b8519d-96a5-484c-8141-624c54290bf5
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://huntr.dev/bounties/d8b8519d-96a5-484c-8141-624c54290bf5
fixed_packages
0
url pkg:pypi/rdiffweb@2.4.8
purl pkg:pypi/rdiffweb@2.4.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-25yw-5nru-aygm
1
vulnerability VCID-287j-23ju-9fhk
2
vulnerability VCID-52wf-fheq-cuer
3
vulnerability VCID-57wc-s2nn-cyeu
4
vulnerability VCID-5xg7-u3nr-nkfg
5
vulnerability VCID-6zc1-xs64-1bc6
6
vulnerability VCID-9f5c-ne9b-27fd
7
vulnerability VCID-ep38-eu98-fbas
8
vulnerability VCID-fcym-y8c1-xqdq
9
vulnerability VCID-h6v3-24fq-3udw
10
vulnerability VCID-n88y-9qre-n3bz
11
vulnerability VCID-ps4e-cg34-wyah
12
vulnerability VCID-qcsd-5htt-h3ev
13
vulnerability VCID-rynh-v7q5-6kdg
14
vulnerability VCID-sn4z-f439-6qe7
15
vulnerability VCID-tv4c-g8r6-xbf6
16
vulnerability VCID-wyn5-w4qh-nfht
17
vulnerability VCID-yssm-eyx3-efhs
18
vulnerability VCID-yz9x-nz9u-wybe
19
vulnerability VCID-zzjz-9wv2-vfcc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/rdiffweb@2.4.8
aliases CVE-2022-3290, PYSEC-2022-292, PYSEC-2022-43184
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vmrb-sm2h-hqf1
23
url VCID-wyn5-w4qh-nfht
vulnerability_id VCID-wyn5-w4qh-nfht
summary Business Logic Errors in GitHub repository ikus060/rdiffweb prior to 2.5.5.
references
0
reference_url https://github.com/ikus060/rdiffweb/commit/bc4bed89affcba71251fe54ed10639da9d392c1d
reference_id
reference_type
scores
url https://github.com/ikus060/rdiffweb/commit/bc4bed89affcba71251fe54ed10639da9d392c1d
1
reference_url https://huntr.dev/bounties/9f746881-ad42-446b-9b1d-153391eacc09
reference_id
reference_type
scores
url https://huntr.dev/bounties/9f746881-ad42-446b-9b1d-153391eacc09
fixed_packages
0
url pkg:pypi/rdiffweb@2.5.5
purl pkg:pypi/rdiffweb@2.5.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-52wf-fheq-cuer
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/rdiffweb@2.5.5
aliases CVE-2022-4719, PYSEC-2022-43005
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wyn5-w4qh-nfht
24
url VCID-yssm-eyx3-efhs
vulnerability_id VCID-yssm-eyx3-efhs
summary Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.0.
references
0
reference_url https://github.com/ikus060/rdiffweb/commit/b78ec09f4582e363f6f449df6f987127e126c311
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://github.com/ikus060/rdiffweb/commit/b78ec09f4582e363f6f449df6f987127e126c311
1
reference_url https://huntr.dev/bounties/b34412ca-50c5-4615-b7e3-5d07d33acfce
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://huntr.dev/bounties/b34412ca-50c5-4615-b7e3-5d07d33acfce
fixed_packages
0
url pkg:pypi/rdiffweb@2.5.0
purl pkg:pypi/rdiffweb@2.5.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-25yw-5nru-aygm
1
vulnerability VCID-287j-23ju-9fhk
2
vulnerability VCID-52wf-fheq-cuer
3
vulnerability VCID-57wc-s2nn-cyeu
4
vulnerability VCID-6zc1-xs64-1bc6
5
vulnerability VCID-ep38-eu98-fbas
6
vulnerability VCID-h6v3-24fq-3udw
7
vulnerability VCID-qcsd-5htt-h3ev
8
vulnerability VCID-tv4c-g8r6-xbf6
9
vulnerability VCID-wyn5-w4qh-nfht
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/rdiffweb@2.5.0
aliases CVE-2022-3456, PYSEC-2022-43160
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yssm-eyx3-efhs
25
url VCID-yz9x-nz9u-wybe
vulnerability_id VCID-yz9x-nz9u-wybe
summary Missing Authentication for Critical Function in GitHub repository ikus060/rdiffweb prior to 2.5.0a6.
references
0
reference_url https://github.com/ikus060/rdiffweb/commit/f2a32f2a9f3fb8be1a9432ac3d81d3aacdb13095
reference_id
reference_type
scores
url https://github.com/ikus060/rdiffweb/commit/f2a32f2a9f3fb8be1a9432ac3d81d3aacdb13095
1
reference_url https://huntr.dev/bounties/02207c8f-2b15-4a31-a86a-74fd2fca0ed1
reference_id
reference_type
scores
url https://huntr.dev/bounties/02207c8f-2b15-4a31-a86a-74fd2fca0ed1
fixed_packages
0
url pkg:pypi/rdiffweb@2.4.10
purl pkg:pypi/rdiffweb@2.4.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-25yw-5nru-aygm
1
vulnerability VCID-287j-23ju-9fhk
2
vulnerability VCID-52wf-fheq-cuer
3
vulnerability VCID-57wc-s2nn-cyeu
4
vulnerability VCID-5xg7-u3nr-nkfg
5
vulnerability VCID-6zc1-xs64-1bc6
6
vulnerability VCID-9f5c-ne9b-27fd
7
vulnerability VCID-ep38-eu98-fbas
8
vulnerability VCID-fcym-y8c1-xqdq
9
vulnerability VCID-h6v3-24fq-3udw
10
vulnerability VCID-n88y-9qre-n3bz
11
vulnerability VCID-ps4e-cg34-wyah
12
vulnerability VCID-qcsd-5htt-h3ev
13
vulnerability VCID-rynh-v7q5-6kdg
14
vulnerability VCID-sn4z-f439-6qe7
15
vulnerability VCID-tv4c-g8r6-xbf6
16
vulnerability VCID-wyn5-w4qh-nfht
17
vulnerability VCID-yssm-eyx3-efhs
18
vulnerability VCID-zzjz-9wv2-vfcc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/rdiffweb@2.4.10
aliases CVE-2022-3327, PYSEC-2022-42977
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yz9x-nz9u-wybe
26
url VCID-zzjz-9wv2-vfcc
vulnerability_id VCID-zzjz-9wv2-vfcc
summary Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.0a4.
references
0
reference_url https://github.com/ikus060/rdiffweb/commit/b5e3bb0a98268d18ceead36ab9b2b7eaacd659a8
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://github.com/ikus060/rdiffweb/commit/b5e3bb0a98268d18ceead36ab9b2b7eaacd659a8
1
reference_url https://huntr.dev/bounties/a6df4bad-3382-4add-8918-760d885690f6
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://huntr.dev/bounties/a6df4bad-3382-4add-8918-760d885690f6
fixed_packages
0
url pkg:pypi/rdiffweb@2.4.11a1
purl pkg:pypi/rdiffweb@2.4.11a1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-25yw-5nru-aygm
1
vulnerability VCID-287j-23ju-9fhk
2
vulnerability VCID-52wf-fheq-cuer
3
vulnerability VCID-57wc-s2nn-cyeu
4
vulnerability VCID-5xg7-u3nr-nkfg
5
vulnerability VCID-6zc1-xs64-1bc6
6
vulnerability VCID-ep38-eu98-fbas
7
vulnerability VCID-fcym-y8c1-xqdq
8
vulnerability VCID-h6v3-24fq-3udw
9
vulnerability VCID-n88y-9qre-n3bz
10
vulnerability VCID-ps4e-cg34-wyah
11
vulnerability VCID-qcsd-5htt-h3ev
12
vulnerability VCID-rynh-v7q5-6kdg
13
vulnerability VCID-tv4c-g8r6-xbf6
14
vulnerability VCID-wyn5-w4qh-nfht
15
vulnerability VCID-yssm-eyx3-efhs
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/rdiffweb@2.4.11a1
aliases CVE-2022-3273, PYSEC-2022-43156
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zzjz-9wv2-vfcc
Fixing_vulnerabilities
0
url VCID-pva4-gkpj-juh8
vulnerability_id VCID-pva4-gkpj-juh8
summary Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository ikus060/rdiffweb prior to 2.4.6.
references
0
reference_url https://github.com/ikus060/rdiffweb/commit/ac334dd27ceadac0661b1e2e059a8423433c3fee
reference_id
reference_type
scores
url https://github.com/ikus060/rdiffweb/commit/ac334dd27ceadac0661b1e2e059a8423433c3fee
1
reference_url https://huntr.dev/bounties/39889a3f-8bb7-448a-b0d4-a18c671bbd23
reference_id
reference_type
scores
url https://huntr.dev/bounties/39889a3f-8bb7-448a-b0d4-a18c671bbd23
fixed_packages
0
url pkg:pypi/rdiffweb@2.4.6
purl pkg:pypi/rdiffweb@2.4.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1fg8-rcx8-77fq
1
vulnerability VCID-25yw-5nru-aygm
2
vulnerability VCID-287j-23ju-9fhk
3
vulnerability VCID-29xz-5wxu-ybed
4
vulnerability VCID-52wf-fheq-cuer
5
vulnerability VCID-57wc-s2nn-cyeu
6
vulnerability VCID-5xg7-u3nr-nkfg
7
vulnerability VCID-6zc1-xs64-1bc6
8
vulnerability VCID-9f5c-ne9b-27fd
9
vulnerability VCID-dpbu-gy6u-abd3
10
vulnerability VCID-ep38-eu98-fbas
11
vulnerability VCID-fcym-y8c1-xqdq
12
vulnerability VCID-h6v3-24fq-3udw
13
vulnerability VCID-mr71-9e9c-zbda
14
vulnerability VCID-n88y-9qre-n3bz
15
vulnerability VCID-nc4e-1muy-1kd7
16
vulnerability VCID-ps4e-cg34-wyah
17
vulnerability VCID-qcsd-5htt-h3ev
18
vulnerability VCID-rynh-v7q5-6kdg
19
vulnerability VCID-sn4z-f439-6qe7
20
vulnerability VCID-t1sj-158f-efey
21
vulnerability VCID-tv4c-g8r6-xbf6
22
vulnerability VCID-vmrb-sm2h-hqf1
23
vulnerability VCID-wyn5-w4qh-nfht
24
vulnerability VCID-yssm-eyx3-efhs
25
vulnerability VCID-yz9x-nz9u-wybe
26
vulnerability VCID-zzjz-9wv2-vfcc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/rdiffweb@2.4.6
aliases CVE-2022-3250, PYSEC-2022-287
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pva4-gkpj-juh8
1
url VCID-tjr6-1mzd-93ee
vulnerability_id VCID-tjr6-1mzd-93ee
summary Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.4.6.
references
0
reference_url https://github.com/ikus060/rdiffweb/commit/18a5aabd48fa6d2d2771a25f95610c28a1a097ca
reference_id
reference_type
scores
url https://github.com/ikus060/rdiffweb/commit/18a5aabd48fa6d2d2771a25f95610c28a1a097ca
1
reference_url https://huntr.dev/bounties/5ec206e0-eca0-4957-9af4-fdd9185d1db3
reference_id
reference_type
scores
url https://huntr.dev/bounties/5ec206e0-eca0-4957-9af4-fdd9185d1db3
fixed_packages
0
url pkg:pypi/rdiffweb@2.4.6
purl pkg:pypi/rdiffweb@2.4.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1fg8-rcx8-77fq
1
vulnerability VCID-25yw-5nru-aygm
2
vulnerability VCID-287j-23ju-9fhk
3
vulnerability VCID-29xz-5wxu-ybed
4
vulnerability VCID-52wf-fheq-cuer
5
vulnerability VCID-57wc-s2nn-cyeu
6
vulnerability VCID-5xg7-u3nr-nkfg
7
vulnerability VCID-6zc1-xs64-1bc6
8
vulnerability VCID-9f5c-ne9b-27fd
9
vulnerability VCID-dpbu-gy6u-abd3
10
vulnerability VCID-ep38-eu98-fbas
11
vulnerability VCID-fcym-y8c1-xqdq
12
vulnerability VCID-h6v3-24fq-3udw
13
vulnerability VCID-mr71-9e9c-zbda
14
vulnerability VCID-n88y-9qre-n3bz
15
vulnerability VCID-nc4e-1muy-1kd7
16
vulnerability VCID-ps4e-cg34-wyah
17
vulnerability VCID-qcsd-5htt-h3ev
18
vulnerability VCID-rynh-v7q5-6kdg
19
vulnerability VCID-sn4z-f439-6qe7
20
vulnerability VCID-t1sj-158f-efey
21
vulnerability VCID-tv4c-g8r6-xbf6
22
vulnerability VCID-vmrb-sm2h-hqf1
23
vulnerability VCID-wyn5-w4qh-nfht
24
vulnerability VCID-yssm-eyx3-efhs
25
vulnerability VCID-yz9x-nz9u-wybe
26
vulnerability VCID-zzjz-9wv2-vfcc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/rdiffweb@2.4.6
aliases CVE-2022-3233, PYSEC-2022-285
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tjr6-1mzd-93ee
2
url VCID-z43n-dk6v-pffh
vulnerability_id VCID-z43n-dk6v-pffh
summary Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.4.6.
references
0
reference_url https://github.com/ikus060/rdiffweb/commit/20fc0d304412cc569b21f31e52cb8b94094d6314
reference_id
reference_type
scores
url https://github.com/ikus060/rdiffweb/commit/20fc0d304412cc569b21f31e52cb8b94094d6314
1
reference_url https://huntr.dev/bounties/7b6ec9f4-4fe9-4716-8dba-3491ffa3f6f2
reference_id
reference_type
scores
url https://huntr.dev/bounties/7b6ec9f4-4fe9-4716-8dba-3491ffa3f6f2
fixed_packages
0
url pkg:pypi/rdiffweb@2.4.6
purl pkg:pypi/rdiffweb@2.4.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1fg8-rcx8-77fq
1
vulnerability VCID-25yw-5nru-aygm
2
vulnerability VCID-287j-23ju-9fhk
3
vulnerability VCID-29xz-5wxu-ybed
4
vulnerability VCID-52wf-fheq-cuer
5
vulnerability VCID-57wc-s2nn-cyeu
6
vulnerability VCID-5xg7-u3nr-nkfg
7
vulnerability VCID-6zc1-xs64-1bc6
8
vulnerability VCID-9f5c-ne9b-27fd
9
vulnerability VCID-dpbu-gy6u-abd3
10
vulnerability VCID-ep38-eu98-fbas
11
vulnerability VCID-fcym-y8c1-xqdq
12
vulnerability VCID-h6v3-24fq-3udw
13
vulnerability VCID-mr71-9e9c-zbda
14
vulnerability VCID-n88y-9qre-n3bz
15
vulnerability VCID-nc4e-1muy-1kd7
16
vulnerability VCID-ps4e-cg34-wyah
17
vulnerability VCID-qcsd-5htt-h3ev
18
vulnerability VCID-rynh-v7q5-6kdg
19
vulnerability VCID-sn4z-f439-6qe7
20
vulnerability VCID-t1sj-158f-efey
21
vulnerability VCID-tv4c-g8r6-xbf6
22
vulnerability VCID-vmrb-sm2h-hqf1
23
vulnerability VCID-wyn5-w4qh-nfht
24
vulnerability VCID-yssm-eyx3-efhs
25
vulnerability VCID-yz9x-nz9u-wybe
26
vulnerability VCID-zzjz-9wv2-vfcc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/rdiffweb@2.4.6
aliases CVE-2022-3267, PYSEC-2022-284
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z43n-dk6v-pffh
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/rdiffweb@2.4.6