VulnerableCode Package Details - pkg:pypi/rdiffweb@2.5.2

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:pypi/rdiffweb@2.5.2

Essentials
History (10)

purl	pkg:pypi/rdiffweb@2.5.2

Next non-vulnerable version	2.8.4
Latest non-vulnerable version	2.8.4
Risk

Vulnerabilities affecting this package (9)

Vulnerability	Summary	Fixed by
VCID-287j-23ju-9fhk Aliases: CVE-2022-4720 PYSEC-2022-43006	Open Redirect in GitHub repository ikus060/rdiffweb prior to 2.5.5.	2.5.5 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-52wf-fheq-cuer Aliases: CVE-2023-5289 GHSA-c4rv-2j6x-pq7x PYSEC-2023-186	Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.8.4.	2.8.4 Affected by 0 other vulnerabilities.
VCID-57wc-s2nn-cyeu Aliases: CVE-2022-4646 PYSEC-2022-43004	Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.5.4.	2.5.4 Affected by 7 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-6zc1-xs64-1bc6 Aliases: CVE-2022-4724 PYSEC-2022-43010	Improper Access Control in GitHub repository ikus060/rdiffweb prior to 2.5.5.	2.5.5 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-ep38-eu98-fbas Aliases: CVE-2022-4721 PYSEC-2022-43007	Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) in GitHub repository ikus060/rdiffweb prior to 2.5.5.	2.5.5 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-h6v3-24fq-3udw Aliases: CVE-2022-4723 PYSEC-2022-43009	Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.5.	2.5.5 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-qcsd-5htt-h3ev Aliases: CVE-2022-4722 PYSEC-2022-43008	Authentication Bypass by Primary Weakness in GitHub repository ikus060/rdiffweb prior to 2.5.5.	2.5.5 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-tv4c-g8r6-xbf6 Aliases: CVE-2022-4644 PYSEC-2022-43003	Open Redirect in GitHub repository ikus060/rdiffweb prior to 2.5.4.	2.5.4 Affected by 7 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-wyn5-w4qh-nfht Aliases: CVE-2022-4719 PYSEC-2022-43005	Business Logic Errors in GitHub repository ikus060/rdiffweb prior to 2.5.5.	2.5.5 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-25yw-5nru-aygm	Improper Privilege Management in GitHub repository ikus060/rdiffweb prior to 2.5.2.	CVE-2022-4314 PYSEC-2022-43002

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-02T04:19:39.134772+00:00	Pypa Importer	Affected by	VCID-52wf-fheq-cuer	https://github.com/pypa/advisory-database/blob/main/vulns/rdiffweb/PYSEC-2023-186.yaml	38.6.0
2026-06-02T04:18:12.877372+00:00	Pypa Importer	Affected by	VCID-ep38-eu98-fbas	https://github.com/pypa/advisory-database/blob/main/vulns/rdiffweb/PYSEC-2022-43007.yaml	38.6.0
2026-06-02T04:18:12.475905+00:00	Pypa Importer	Affected by	VCID-h6v3-24fq-3udw	https://github.com/pypa/advisory-database/blob/main/vulns/rdiffweb/PYSEC-2022-43009.yaml	38.6.0
2026-06-02T04:18:12.064663+00:00	Pypa Importer	Affected by	VCID-287j-23ju-9fhk	https://github.com/pypa/advisory-database/blob/main/vulns/rdiffweb/PYSEC-2022-43006.yaml	38.6.0
2026-06-02T04:18:11.656336+00:00	Pypa Importer	Affected by	VCID-wyn5-w4qh-nfht	https://github.com/pypa/advisory-database/blob/main/vulns/rdiffweb/PYSEC-2022-43005.yaml	38.6.0
2026-06-02T04:18:11.228597+00:00	Pypa Importer	Affected by	VCID-6zc1-xs64-1bc6	https://github.com/pypa/advisory-database/blob/main/vulns/rdiffweb/PYSEC-2022-43010.yaml	38.6.0
2026-06-02T04:18:10.802205+00:00	Pypa Importer	Affected by	VCID-qcsd-5htt-h3ev	https://github.com/pypa/advisory-database/blob/main/vulns/rdiffweb/PYSEC-2022-43008.yaml	38.6.0
2026-06-02T04:18:07.015523+00:00	Pypa Importer	Affected by	VCID-57wc-s2nn-cyeu	https://github.com/pypa/advisory-database/blob/main/vulns/rdiffweb/PYSEC-2022-43004.yaml	38.6.0
2026-06-02T04:18:06.607910+00:00	Pypa Importer	Affected by	VCID-tv4c-g8r6-xbf6	https://github.com/pypa/advisory-database/blob/main/vulns/rdiffweb/PYSEC-2022-43003.yaml	38.6.0
2026-06-02T04:18:05.186190+00:00	Pypa Importer	Fixing	VCID-25yw-5nru-aygm	https://github.com/pypa/advisory-database/blob/main/vulns/rdiffweb/PYSEC-2022-43002.yaml	38.6.0