Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:pypi/radicale@0.3
purl pkg:pypi/radicale@0.3
Next non-vulnerable version 1.1.2
Latest non-vulnerable version 2.0.0rc2
Risk 4.5
Vulnerabilities affecting this package (4)
Vulnerability Summary Fixed by
VCID-2awy-8tkx-3fe2
Aliases:
CVE-2015-8748
GHSA-6w8c-6jrg-qwj2
PYSEC-2016-37
Radicale before 1.1 allows remote authenticated users to bypass owner_write and owner_only limitations via regex metacharacters in the user name, as demonstrated by ".*".
1.1
Affected by 1 other vulnerability.
VCID-dw4s-1un9-3qg1
Aliases:
CVE-2017-8342
GHSA-rpv4-63g3-9x23
PYSEC-2017-102
Radicale before 1.1.2 and 2.x before 2.0.0rc2 is prone to timing oracles and simple brute-force attacks when using the htpasswd authentication method.
1.1.2
Affected by 0 other vulnerabilities.
2.0.0rc2
Affected by 0 other vulnerabilities.
VCID-j4yd-fdnt-vub6
Aliases:
CVE-2015-8747
GHSA-fgqv-96v9-w23m
PYSEC-2016-36
The multifilesystem storage backend in Radicale before 1.1 allows remote attackers to read or write to arbitrary files via a crafted component name.
1.1
Affected by 1 other vulnerability.
VCID-unc1-fh32-v3gh
Aliases:
CVE-2016-1505
GHSA-84cw-mxhv-qvv4
Path Traversal The filesystem storage backend in Radicale on Windows allows remote attackers to read or write to arbitrary files via a crafted path.
1.1
Affected by 1 other vulnerability.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-06-06T02:05:55.640274+00:00 GitLab Importer Affected by VCID-j4yd-fdnt-vub6 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Radicale/CVE-2015-8747.yml 38.6.0
2026-06-06T02:03:47.996018+00:00 GitLab Importer Affected by VCID-2awy-8tkx-3fe2 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Radicale/CVE-2015-8748.yml 38.6.0
2026-06-06T01:56:00.451394+00:00 GitLab Importer Affected by VCID-dw4s-1un9-3qg1 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Radicale/CVE-2017-8342.yml 38.6.0
2026-06-05T16:54:48.120372+00:00 PyPI Importer Affected by VCID-dw4s-1un9-3qg1 https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip 38.6.0
2026-06-04T20:05:28.371587+00:00 GitLab Importer Affected by VCID-unc1-fh32-v3gh https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Radicale/CVE-2016-1505.yml 38.6.0
2026-06-04T16:16:15.948906+00:00 PyPI Importer Affected by VCID-2awy-8tkx-3fe2 https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip 38.6.0
2026-06-04T16:16:15.902919+00:00 PyPI Importer Affected by VCID-j4yd-fdnt-vub6 https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip 38.6.0
2026-06-02T04:04:38.743306+00:00 Pypa Importer Affected by VCID-dw4s-1un9-3qg1 https://github.com/pypa/advisory-database/blob/main/vulns/radicale/PYSEC-2017-102.yaml 38.6.0
2026-06-02T04:04:08.845094+00:00 Pypa Importer Affected by VCID-j4yd-fdnt-vub6 https://github.com/pypa/advisory-database/blob/main/vulns/radicale/PYSEC-2016-36.yaml 38.6.0
2026-06-02T04:04:08.715280+00:00 Pypa Importer Affected by VCID-2awy-8tkx-3fe2 https://github.com/pypa/advisory-database/blob/main/vulns/radicale/PYSEC-2016-37.yaml 38.6.0