Version 2.4.10

rdiffweb

A web interface to rdiff-backup repositories.

Install Instructions

pip install rdiffweb
Current Version Release Date: November 11, 2024
Language: Python
Package URL (purl): pkg:pip/rdiffweb@2.4.10

rdiffweb Vulnerabilities

CVE | CVSS Score | CWE(s) | EPSS Score | EPSS % | Impacted Versions
CVE-2022-3167 High 8.8 CWE-1021 0.00189 0.57427
  • 2.0.2–2.4.0
  • 1.0.0–1.6.0b1
  • 0.9.2.dev1–0.10.9
CVE-2022-3174 High 7.5 CWE-311 0.00149 0.52173
  • 2.0.2–2.4.1
  • 1.0.0–1.6.0b1
  • 0.9.2.dev1–0.10.9
CVE-2022-3175 Medium 5.3 CWE-755 0.00068 0.31601
  • 2.0.2–2.4.1
  • 1.0.0–1.6.0b1
  • 0.9.2.dev1–0.10.9
CVE-2022-3179 High 8.8 CWE-521 0.00098 0.42235
  • 2.0.2–2.4.1
  • 1.0.0–1.6.0b1
  • 0.9.2.dev1–0.10.9
CVE-2022-3221 High 8.8 CWE-352 0.00125 0.4842
  • 2.0.2–2.4.2
  • 1.0.0–1.6.0b1
  • 0.9.2.dev1–0.10.9
CVE-2022-3232 Medium 4.3 CWE-352 0.00068 0.31601
  • 2.0.2–2.4.4
  • 1.0.0–1.6.0b1
  • 0.9.2.dev1–0.10.9
CVE-2022-3233 Medium 4.3 CWE-352 0.00068 0.31601
  • 2.0.2–2.4.5
  • 1.0.0–1.6.0b1
  • 0.9.2.dev1–0.10.9
CVE-2022-3250 Medium 5.3 CWE-311 0.00069 0.31798
  • 2.0.2–2.4.5
  • 1.0.0–1.6.0b1
  • 0.9.2.dev1–0.10.9
CVE-2022-3267 Medium 4.3 CWE-352 0.00068 0.31601
  • 2.0.2–2.4.5
  • 1.0.0–1.6.0b1
  • 0.9.2.dev1–0.10.9
CVE-2022-3269 High 9.8 CWE-384 0.00194 0.58033
  • 2.0.2–2.4.6
  • 1.0.0–1.6.0b1
  • 0.9.2.dev1–0.10.9
CVE-2022-3272 High 7.5 CWE-130 0.00088 0.39075
  • 2.0.2–2.4.7
  • 1.0.0–1.6.0b1
  • 0.9.2.dev1–0.10.9
CVE-2022-3273 High 9.8 CWE-326, CWE-770 0.00194 0.58033
  • 2.0.2–2.5.0a9
  • 1.0.0–1.6.0b1
  • 0.9.2.dev1–0.10.9
CVE-2022-3274 Low 3.5 CWE-352 0.00053 0.22908
  • 2.0.2–2.4.6
  • 1.0.0–1.6.0b1
  • 0.9.2.dev1–0.10.9
CVE-2022-3290 High 7.5 CWE-130 0.00088 0.39075
  • 2.0.2–2.4.7
  • 1.0.0–1.6.0b1
  • 0.9.2.dev1–0.10.9
CVE-2022-3292 Medium 4.6 CWE-524 0.00073 0.3311
  • 2.0.2–2.4.8
  • 1.0.0–1.6.0b1
  • 0.9.2.dev1–0.10.9
CVE-2022-3295 High 7.5 CWE-770 0.00088 0.39075
  • 2.0.2–2.4.7
  • 1.0.0–1.6.0b1
  • 0.9.2.dev1–0.10.9
CVE-2022-3298 High 7.5 CWE-770 0.00088 0.39075
  • 2.0.2–2.4.7
  • 1.0.0–1.6.0b1
  • 0.9.2.dev1–0.10.9
CVE-2022-3301 Low 2.4 CWE-460 0.00053 0.22908
  • 2.0.2–2.4.7
  • 1.0.0–1.6.0b1
  • 0.9.2.dev1–0.10.9
CVE-2022-3326 Medium 4.3 CWE-521 0.00053 0.22908
  • 2.0.2–2.4.8
  • 1.0.0–1.6.0b1
  • 0.9.2.dev1–0.10.9
CVE-2022-3327 High 9.8 CWE-306 0.00213 0.60034
  • 2.0.2–2.5.0a9
  • 1.0.0–1.6.0b1
  • 0.9.2.dev1–0.10.9
CVE-2022-3362 High 9.8 CWE-613 0.00194 0.58033
  • 2.0.2–2.5.0a9
  • 1.0.0–1.6.0b1
  • 0.9.2.dev1–0.10.9
CVE-2022-3363 High 9.8 0.00169 0.54853
  • 2.0.2–2.4.11a1
  • 1.0.0–1.6.0b1
  • 0.9.2.dev1–0.10.9
CVE-2022-3364 High 7.5 CWE-770 0.00088 0.39075
  • 2.0.2–2.4.11a1
  • 1.0.0–1.6.0b1
  • 0.9.2.dev1–0.10.9
CVE-2022-3371 High 7.5 CWE-770 0.00078 0.35307
  • 2.0.2–2.4.11a1
  • 1.0.0–1.6.0b1
  • 0.9.2.dev1–0.10.9
CVE-2022-3376 Medium 5.3 CWE-521 0.00068 0.31601
  • 2.0.2–2.5.0a9
  • 1.0.0–1.6.0b1
  • 0.9.2.dev1–0.10.9
CVE-2022-3389 High 7.5 CWE-22 0.00134 0.50002
  • 2.0.2–2.4.9
  • 1.0.0–1.6.0b1
  • 0.9.2.dev1–0.10.9
CVE-2022-3438 Medium 6.1 CWE-601 0.00068 0.31601
  • 2.0.2–2.4.11a1
  • 1.0.0–1.6.0b1
  • 0.9.2.dev1–0.10.9
CVE-2022-3439 High 9.8 CWE-770 0.00213 0.60034
  • 2.0.2–2.5.0a9
  • 1.0.0–1.6.0b1
  • 0.9.2.dev1–0.10.9
CVE-2022-3456 High 9.8 CWE-770 0.00221 0.60963
  • 2.0.2–2.5.0a9
  • 1.0.0–1.6.0b1
  • 0.9.2.dev1–0.10.9
CVE-2022-3457 High 9.8 CWE-346 0.00213 0.60034
  • 2.0.2–2.4.11a1
  • 1.0.0–1.6.0b1
  • 0.9.2.dev1–0.10.9
CVE-2022-4018 Medium 4.3 CWE-306 0.00088 0.39075
  • 2.0.2–2.4.11a1
  • 1.0.0–1.6.0b1
  • 0.9.2.dev1–0.10.9
CVE-2022-4314 High 9.8 CWE-269 0.00194 0.58033
  • 2.0.2–2.5.0a9
  • 1.0.0–1.6.0b1
  • 0.9.2.dev1–0.10.9
CVE-2022-4644 Medium 6.1 CWE-601 0.00068 0.31601
  • 2.0.2–2.5.4b1
  • 1.0.0–1.6.0b1
  • 0.9.2.dev1–0.10.9
CVE-2022-4646 Medium 6.5 CWE-352 0.00068 0.31353
  • 2.0.2–2.5.4b1
  • 1.0.0–1.6.0b1
  • 0.9.2.dev1–0.10.9
CVE-2022-4719 High 9.8 CWE-840 0.00183 0.56631
  • 2.0.2–2.5.4b1
  • 1.0.0–1.6.0b1
  • 0.9.2.dev1–0.10.9
CVE-2022-4720 Medium 6.1 CWE-601 0.00068 0.31601
  • 2.0.2–2.5.4b1
  • 1.0.0–1.6.0b1
  • 0.9.2.dev1–0.10.9
CVE-2022-4721 Medium 5.4 CWE-75 0.00068 0.31601
  • 2.0.2–2.5.4b1
  • 1.0.0–1.6.0b1
  • 0.9.2.dev1–0.10.9
CVE-2022-4722 High 7.2 CWE-305, CWE-287 0.00098 0.42235
  • 2.0.2–2.5.4b1
  • 1.0.0–1.6.0b1
  • 0.9.2.dev1–0.10.9
CVE-2022-4723 Medium 6.5 CWE-770 0.00074 0.33553
  • 2.0.2–2.5.4b1
  • 1.0.0–1.6.0b1
  • 0.9.2.dev1–0.10.9
CVE-2022-4724 High 9.8 CWE-284 0.00171 0.551
  • 2.0.2–2.5.4b1
  • 1.0.0–1.6.0b1
  • 0.9.2.dev1–0.10.9
CVE-2023-4138 Medium 6.5 CWE-770 0.00075 0.34036
  • 2.0.2–2.8.0a9
  • 1.0.0–1.6.0b1
  • 0.9.2.dev1–0.10.9
CVE-2023-5289 High 8.8 CWE-770 0.00085 0.377
  • 2.0.2–2.8.2a1
  • 1.0.0–1.6.0b1
  • 0.9.2.dev1–0.10.9

rdiffweb Vulnerability Remediation Guidance

CVE | Description | Full list of Impacted Versions | Fix
CVE-2023-5289 Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.8.4. 2.2.1, 2.2.0.dev1, 2.2.0, 1.4.0, 1.4.1b1, 1.3.2, 1.3.1b1, 1.3.1 (Show all) Minor → 2.8.4
CVE-2023-4138 Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.8.0. 2.2.1, 2.2.0.dev1, 2.2.0, 1.4.0, 1.4.1b1, 1.3.2, 1.3.1b1, 1.3.1 (Show all) Minor → 2.8.4
CVE-2022-4724 Improper Access Control in GitHub repository ikus060/rdiffweb prior to 2.5.5. 2.2.1, 2.2.0.dev1, 2.2.0, 1.4.0, 1.4.1b1, 1.3.2, 1.3.1b1, 1.3.1 (Show all) Minor → 2.8.4
CVE-2022-4723 Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.5. 2.2.1, 2.2.0.dev1, 2.2.0, 1.4.0, 1.4.1b1, 1.3.2, 1.3.1b1, 1.3.1 (Show all) Minor → 2.8.4
CVE-2022-4722 Authentication Bypass by Primary Weakness in GitHub repository ikus060/rdiffweb prior to 2.5.5. 2.2.1, 2.2.0.dev1, 2.2.0, 1.4.0, 1.4.1b1, 1.3.2, 1.3.1b1, 1.3.1 (Show all) Minor → 2.8.4
CVE-2022-4721 Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) in GitHub repository ikus060/rdiffweb prior to 2.5.5. 2.2.1, 2.2.0.dev1, 2.2.0, 1.4.0, 1.4.1b1, 1.3.2, 1.3.1b1, 1.3.1 (Show all) Minor → 2.8.4
CVE-2022-4720 Open Redirect in GitHub repository ikus060/rdiffweb prior to 2.5.5. 2.2.1, 2.2.0.dev1, 2.2.0, 1.4.0, 1.4.1b1, 1.3.2, 1.3.1b1, 1.3.1 (Show all) Minor → 2.8.4
CVE-2022-4719 Business Logic Errors in GitHub repository ikus060/rdiffweb prior to 2.5.5. 2.2.1, 2.2.0.dev1, 2.2.0, 1.4.0, 1.4.1b1, 1.3.2, 1.3.1b1, 1.3.1 (Show all) Minor → 2.8.4
CVE-2022-4646 Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.5.4. 2.2.1, 2.2.0.dev1, 2.2.0, 1.4.0, 1.4.1b1, 1.3.2, 1.3.1b1, 1.3.1 (Show all) Minor → 2.8.4
CVE-2022-4644 Open Redirect in GitHub repository ikus060/rdiffweb prior to 2.5.4. 2.2.1, 2.2.0.dev1, 2.2.0, 1.4.0, 1.4.1b1, 1.3.2, 1.3.1b1, 1.3.1 (Show all) Minor → 2.8.4
CVE-2022-4314 Improper Privilege Management in GitHub repository ikus060/rdiffweb prior to 2.5.2. 2.2.1, 2.2.0.dev1, 2.2.0, 1.4.0, 1.4.1b1, 1.3.2, 1.3.1b1, 1.3.1 (Show all) Minor → 2.8.4
CVE-2022-4018 Missing Authentication for Critical Function in GitHub repository ikus060/rdiffweb prior to 2.5.0a6. 2.2.1, 2.2.0.dev1, 2.2.0, 1.4.0, 1.4.1b1, 1.3.2, 1.3.1b1, 1.3.1 (Show all) Minor → 2.8.4
CVE-2022-3457 Origin Validation Error in GitHub repository ikus060/rdiffweb prior to 2.5.0a5. 2.2.1, 2.2.0.dev1, 2.2.0, 1.4.0, 1.4.1b1, 1.3.2, 1.3.1b1, 1.3.1 (Show all) Minor → 2.8.4
CVE-2022-3456 Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.0. 2.2.1, 2.2.0.dev1, 2.2.0, 1.4.0, 1.4.1b1, 1.3.2, 1.3.1b1, 1.3.1 (Show all) Minor → 2.8.4
CVE-2022-3439 Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.0. 2.2.1, 2.2.0.dev1, 2.2.0, 1.4.0, 1.4.1b1, 1.3.2, 1.3.1b1, 1.3.1 (Show all) Minor → 2.8.4
CVE-2022-3438 Open Redirect in GitHub repository ikus060/rdiffweb prior to 2.5.0a4. 2.2.1, 2.2.0.dev1, 2.2.0, 1.4.0, 1.4.1b1, 1.3.2, 1.3.1b1, 1.3.1 (Show all) Minor → 2.8.4
CVE-2022-3389 Path Traversal in GitHub repository ikus060/rdiffweb prior to 2.4.10. 2.2.1, 2.2.0.dev1, 2.2.0, 1.4.0, 1.4.1b1, 1.3.2, 1.3.1b1, 1.3.1 (Show all) Minor → 2.8.4
CVE-2022-3376 Weak Password Requirements in GitHub repository ikus060/rdiffweb prior to 2.5.0a4. 2.2.1, 2.2.0.dev1, 2.2.0, 1.4.0, 1.4.1b1, 1.3.2, 1.3.1b1, 1.3.1 (Show all) Minor → 2.8.4
CVE-2022-3371 Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.0a3. 2.2.1, 2.2.0.dev1, 2.2.0, 1.4.0, 1.4.1b1, 1.3.2, 1.3.1b1, 1.3.1 (Show all) Minor → 2.8.4
CVE-2022-3364 Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.0a3. 2.2.1, 2.2.0.dev1, 2.2.0, 1.4.0, 1.4.1b1, 1.3.2, 1.3.1b1, 1.3.1 (Show all) Minor → 2.8.4
CVE-2022-3363 Business Logic Errors in GitHub repository ikus060/rdiffweb prior to 2.5.0a7. 2.2.1, 2.2.0.dev1, 2.2.0, 1.4.0, 1.4.1b1, 1.3.2, 1.3.1b1, 1.3.1 (Show all) Minor → 2.8.4
CVE-2022-3362 Insufficient Session Expiration in GitHub repository ikus060/rdiffweb prior to 2.5.0. 2.2.1, 2.2.0.dev1, 2.2.0, 1.4.0, 1.4.1b1, 1.3.2, 1.3.1b1, 1.3.1 (Show all) Minor → 2.8.4
CVE-2022-3327 Missing Authentication for Critical Function in GitHub repository ikus060/rdiffweb prior to 2.5.0a6. 2.2.1, 2.2.0.dev1, 2.2.0, 1.4.0, 1.4.1b1, 1.3.2, 1.3.1b1, 1.3.1 (Show all) Minor → 2.8.4
CVE-2022-3326 Weak Password Requirements in GitHub repository ikus060/rdiffweb prior to 2.4.9. 2.2.1, 2.2.0.dev1, 2.2.0, 1.4.0, 1.4.1b1, 1.3.2, 1.3.1b1, 1.3.1 (Show all) Minor → 2.8.4
CVE-2022-3301 Improper Cleanup on Thrown Exception in GitHub repository ikus060/rdiffweb prior to 2.4.8. 2.2.1, 2.2.0.dev1, 2.2.0, 1.4.0, 1.4.1b1, 1.3.2, 1.3.1b1, 1.3.1 (Show all) Minor → 2.8.4
CVE-2022-3298 Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.4.8. 2.2.1, 2.2.0.dev1, 2.2.0, 1.4.0, 1.4.1b1, 1.3.2, 1.3.1b1, 1.3.1 (Show all) Minor → 2.8.4
CVE-2022-3295 Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.4.8. 2.2.1, 2.2.0.dev1, 2.2.0, 1.4.0, 1.4.1b1, 1.3.2, 1.3.1b1, 1.3.1 (Show all) Minor → 2.8.4
CVE-2022-3292 Use of Cache Containing Sensitive Information in GitHub repository ikus060/rdiffweb prior to 2.4.8. 2.2.1, 2.2.0.dev1, 2.2.0, 1.4.0, 1.4.1b1, 1.3.2, 1.3.1b1, 1.3.1 (Show all) Minor → 2.8.4
CVE-2022-3290 Improper Handling of Length Parameter Inconsistency in GitHub repository ikus060/rdiffweb prior to 2.4.8. 2.2.1, 2.2.0.dev1, 2.2.0, 1.4.0, 1.4.1b1, 1.3.2, 1.3.1b1, 1.3.1 (Show all) Minor → 2.8.4
CVE-2022-3274 Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.4.7. 2.2.1, 2.2.0.dev1, 2.2.0, 1.4.0, 1.4.1b1, 1.3.2, 1.3.1b1, 1.3.1 (Show all) Minor → 2.8.4
CVE-2022-3273 Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.0a4. 2.2.1, 2.2.0.dev1, 2.2.0, 1.4.0, 1.4.1b1, 1.3.2, 1.3.1b1, 1.3.1 (Show all) Minor → 2.8.4
CVE-2022-3272 Improper Handling of Length Parameter Inconsistency in GitHub repository ikus060/rdiffweb prior to 2.4.8. 2.2.1, 2.2.0.dev1, 2.2.0, 1.4.0, 1.4.1b1, 1.3.2, 1.3.1b1, 1.3.1 (Show all) Minor → 2.8.4
CVE-2022-3269 Session Fixation in GitHub repository ikus060/rdiffweb prior to 2.4.7. 2.2.1, 2.2.0.dev1, 2.2.0, 1.4.0, 1.4.1b1, 1.3.2, 1.3.1b1, 1.3.1 (Show all) Minor → 2.8.4
CVE-2022-3267 Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.4.6. 2.2.1, 2.2.0.dev1, 2.2.0, 1.4.0, 1.4.1b1, 1.3.2, 1.3.1b1, 1.3.1 (Show all) Minor → 2.8.4
CVE-2022-3250 Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository ikus060/rdiffweb prior to 2.4.6. 2.2.1, 2.2.0.dev1, 2.2.0, 1.4.0, 1.4.1b1, 1.3.2, 1.3.1b1, 1.3.1 (Show all) Minor → 2.8.4
CVE-2022-3233 Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.4.6. 2.2.1, 2.2.0.dev1, 2.2.0, 1.4.0, 1.4.1b1, 1.3.2, 1.3.1b1, 1.3.1 (Show all) Minor → 2.8.4
CVE-2022-3232 Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.4.5. 2.2.1, 2.2.0.dev1, 2.2.0, 1.4.0, 1.4.1b1, 1.3.2, 1.3.1b1, 1.3.1 (Show all) Minor → 2.8.4
CVE-2022-3221 Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.4.3. 2.2.1, 2.2.0.dev1, 2.2.0, 1.4.0, 1.4.1b1, 1.3.2, 1.3.1b1, 1.3.1 (Show all) Minor → 2.8.4
CVE-2022-3179 Weak Password Requirements in GitHub repository ikus060/rdiffweb prior to 2.4.2. 2.2.1, 2.2.0.dev1, 2.2.0, 1.4.0, 1.4.1b1, 1.3.2, 1.3.1b1, 1.3.1 (Show all) Minor → 2.8.4
CVE-2022-3175 Missing Custom Error Page in GitHub repository ikus060/rdiffweb prior to 2.4.2. 2.2.1, 2.2.0.dev1, 2.2.0, 1.4.0, 1.4.1b1, 1.3.2, 1.3.1b1, 1.3.1 (Show all) Minor → 2.8.4
CVE-2022-3174 Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository ikus060/rdiffweb prior to 2.4.2. 2.2.1, 2.2.0.dev1, 2.2.0, 1.4.0, 1.4.1b1, 1.3.2, 1.3.1b1, 1.3.1 (Show all) Minor → 2.8.4
CVE-2022-3167 Improper Restriction of Rendered UI Layers or Frames in GitHub repository ikus060/rdiffweb prior to 2.4.1. 2.2.1, 2.2.0.dev1, 2.2.0, 1.4.0, 1.4.1b1, 1.3.2, 1.3.1b1, 1.3.1 (Show all) Minor → 2.8.4

Dependencies

Packages using versions of rdiffweb affected by its vulnerabilities

Dependent Packages
apscheduler
argon2-cffi>=18.3.0
babel>=0.9.6
cached-property
CherryPy>=8.9.1
configargparse
distro
humanfriendly
Jinja2>=2.10
ldap3
MarkupSafe<3
packaging
psutil>=2.1.1
requests
sqlalchemy<3,>=1.2
WTForms
zxcvbn>=4.4.27
html5lib; extra == "test"
pytest; extra == "test"
parameterized; extra == "test"
responses; extra == "test"
selenium; extra == "test"