Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:pypi/radicale@0.7.1
purl pkg:pypi/radicale@0.7.1
Next non-vulnerable version 1.1.2
Latest non-vulnerable version 2.0.0rc2
Risk 4.5
Vulnerabilities affecting this package (4)
Vulnerability Summary Fixed by
VCID-2awy-8tkx-3fe2
Aliases:
CVE-2015-8748
GHSA-6w8c-6jrg-qwj2
PYSEC-2016-37
Radicale before 1.1 allows remote authenticated users to bypass owner_write and owner_only limitations via regex metacharacters in the user name, as demonstrated by ".*".
1.1
Affected by 1 other vulnerability.
VCID-dw4s-1un9-3qg1
Aliases:
CVE-2017-8342
GHSA-rpv4-63g3-9x23
PYSEC-2017-102
Radicale before 1.1.2 and 2.x before 2.0.0rc2 is prone to timing oracles and simple brute-force attacks when using the htpasswd authentication method.
1.1.2
Affected by 0 other vulnerabilities.
2.0.0rc2
Affected by 0 other vulnerabilities.
VCID-j4yd-fdnt-vub6
Aliases:
CVE-2015-8747
GHSA-fgqv-96v9-w23m
PYSEC-2016-36
The multifilesystem storage backend in Radicale before 1.1 allows remote attackers to read or write to arbitrary files via a crafted component name.
1.1
Affected by 1 other vulnerability.
VCID-unc1-fh32-v3gh
Aliases:
CVE-2016-1505
GHSA-84cw-mxhv-qvv4
Path Traversal The filesystem storage backend in Radicale on Windows allows remote attackers to read or write to arbitrary files via a crafted path.
1.1
Affected by 1 other vulnerability.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-06-06T02:05:55.674771+00:00 GitLab Importer Affected by VCID-j4yd-fdnt-vub6 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Radicale/CVE-2015-8747.yml 38.6.0
2026-06-06T02:03:48.029439+00:00 GitLab Importer Affected by VCID-2awy-8tkx-3fe2 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Radicale/CVE-2015-8748.yml 38.6.0
2026-06-06T01:56:00.485363+00:00 GitLab Importer Affected by VCID-dw4s-1un9-3qg1 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Radicale/CVE-2017-8342.yml 38.6.0
2026-06-05T16:54:48.153058+00:00 PyPI Importer Affected by VCID-dw4s-1un9-3qg1 https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip 38.6.0
2026-06-04T20:05:28.389361+00:00 GitLab Importer Affected by VCID-unc1-fh32-v3gh https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Radicale/CVE-2016-1505.yml 38.6.0
2026-06-04T16:16:15.963146+00:00 PyPI Importer Affected by VCID-2awy-8tkx-3fe2 https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip 38.6.0
2026-06-04T16:16:15.916809+00:00 PyPI Importer Affected by VCID-j4yd-fdnt-vub6 https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip 38.6.0
2026-06-02T04:04:38.775459+00:00 Pypa Importer Affected by VCID-dw4s-1un9-3qg1 https://github.com/pypa/advisory-database/blob/main/vulns/radicale/PYSEC-2017-102.yaml 38.6.0
2026-06-02T04:04:08.880839+00:00 Pypa Importer Affected by VCID-j4yd-fdnt-vub6 https://github.com/pypa/advisory-database/blob/main/vulns/radicale/PYSEC-2016-36.yaml 38.6.0
2026-06-02T04:04:08.758503+00:00 Pypa Importer Affected by VCID-2awy-8tkx-3fe2 https://github.com/pypa/advisory-database/blob/main/vulns/radicale/PYSEC-2016-37.yaml 38.6.0