85 Total advisories
85 Vulnerabilities
0 Malware

Vulnerabilities

CRITICAL 9.8
PyPI

CVE-2022-3457

CVE-2022-3457

HIGH 8.8
PyPI

CVE-2023-5289

CVE-2023-5289

UNKNOWN
PyPI

CVE-2022-4724

CVE-2022-4724

HIGH 7.5
PyPI

CVE-2022-3290

CVE-2022-3290

CRITICAL 9.8
PyPI

CVE-2022-3439

CVE-2022-3439

CRITICAL 9.8
PyPI

CVE-2022-3456

CVE-2022-3456

MEDIUM 5.3
PyPI

CVE-2022-3376

CVE-2022-3376

MEDIUM 6.1
PyPI

CVE-2022-3438

CVE-2022-3438

UNKNOWN
PyPI

CVE-2022-4722

CVE-2022-4722

UNKNOWN
PyPI

CVE-2022-4720

CVE-2022-4720

UNKNOWN
PyPI

CVE-2022-4721

CVE-2022-4721

UNKNOWN
PyPI

CVE-2022-4719

CVE-2022-4719

UNKNOWN
PyPI

CVE-2022-4646

CVE-2022-4646

UNKNOWN
PyPI

CVE-2022-4018

CVE-2022-4018

UNKNOWN
PyPI

CVE-2022-4314

CVE-2022-4314

UNKNOWN
PyPI

CVE-2022-4644

CVE-2022-4644

UNKNOWN
PyPI

CVE-2022-3363

CVE-2022-3363

UNKNOWN
PyPI

CVE-2022-3389

CVE-2022-3389

UNKNOWN
PyPI

CVE-2022-3327

CVE-2022-3327

UNKNOWN
PyPI

CVE-2022-3371

CVE-2022-3371

UNKNOWN
PyPI

CVE-2022-3364

CVE-2022-3364

UNKNOWN
PyPI

CVE-2022-3326

CVE-2022-3326

UNKNOWN
PyPI

CVE-2022-3301

CVE-2022-3301

UNKNOWN
PyPI

CVE-2022-3298

CVE-2022-3298

UNKNOWN
PyPI

CVE-2022-3292

CVE-2022-3292

UNKNOWN
PyPI

CVE-2022-3272

CVE-2022-3272

UNKNOWN
PyPI

CVE-2022-3295

CVE-2022-3295

UNKNOWN
PyPI

CVE-2022-3250

CVE-2022-3250

UNKNOWN
PyPI

CVE-2022-3233

CVE-2022-3233

UNKNOWN
PyPI

CVE-2022-3269

CVE-2022-3269

UNKNOWN
PyPI

CVE-2022-3274

CVE-2022-3274

UNKNOWN
PyPI

CVE-2022-3267

CVE-2022-3267

UNKNOWN
PyPI

CVE-2022-3232

CVE-2022-3232

UNKNOWN
PyPI

CVE-2022-4723

CVE-2022-4723

UNKNOWN
PyPI

CVE-2022-3362

CVE-2022-3362

CRITICAL 9.8
PyPI

CVE-2022-3273

CVE-2022-3273

HIGH 7.5
PyPI

CVE-2022-3290

rdiffweb's unlimited username field length can lead to DoS

UNKNOWN
PyPI

CVE-2022-3290

CVE-2022-3290

HIGH 8.1
PyPI

CVE-2025-67796

IKUS Rdiffweb allows an attacker with any valid or stolen access token to act as other users

HIGH 7.5
PyPI

CVE-2022-3272

rdiffweb's unlimited length email field can lead to DoS

MEDIUM 4.2
PyPI

CVE-2023-4138

RDiffWeb vulnerable to Allocation of Resources Without Limits or Throttling

CRITICAL 9.8
PyPI

CVE-2022-3363

Rdiffweb subject to Business Logic Errors

MEDIUM 5.7
PyPI

CVE-2022-4719

rdiffweb vulnerable to Business Logic Errors

UNKNOWN
PyPI

CVE-2022-3456

Missing rate limit on rdiffweb

MEDIUM 6.1
PyPI

CVE-2022-3438

rdiffweb vulnerable to Open Redirect

MEDIUM 5.3
PyPI

CVE-2022-3376

rdiffweb allows a new password to be the same as the previous password

HIGH 7.3
PyPI

CVE-2022-3273

rdiffweb does not have a rate limit on incorrect password attempts to prevent brute force attacks

CRITICAL 9.8
PyPI

CVE-2022-3439

Missing rate limit on rdiffweb

CRITICAL 9.8
PyPI

CVE-2022-3457

Origin Validation Error in rdiffweb

CRITICAL 9.8
PyPI

CVE-2022-3362

rdiffweb vulnerable to Insufficient Session Expiration

MEDIUM 4.3
PyPI

CVE-2022-4018

Rdiffweb vulnerable to Missing Authentication for Critical Function

MEDIUM 5.4
PyPI

CVE-2022-3326

rdiffweb vulnerable to password complexity bypass leading to weak passwords

CRITICAL 9.8
PyPI

CVE-2022-3327

Rdiffweb is missing authentication for critical function

HIGH 8.8
PyPI

CVE-2023-5289

Rdiffweb Allocation of Resources Without Limits or Throttling vulnerability

HIGH 8.2
PyPI

CVE-2022-4720

rdiffweb vulnerable to Open Redirect

MEDIUM 6.1
PyPI

CVE-2022-4644

rdiffweb Open Redirect vulnerability

CRITICAL 9.8
PyPI

CVE-2022-4724

rdiffweb Improper Access Control vulnerability

HIGH 7.2
PyPI

CVE-2022-4722

rdiffweb vulnerable to Authentication Bypass by Primary Weakness

CRITICAL 9.8
PyPI

CVE-2022-4314

Improper Privilege Management in rdiffweb

MEDIUM 6.5
PyPI

CVE-2022-4646

rdiffweb vulnerable to Cross-Site Request Forgery

MEDIUM 6.5
PyPI

CVE-2022-4723

rdiffweb has no rate limit on resend email feature

MEDIUM 5.4
PyPI

CVE-2022-4721

rdiffweb vulnerable to Special Element Injection

HIGH 7.5
PyPI

CVE-2022-3371

rdiffweb's lack of token name length limit can result in DoS or memory corruption

MEDIUM 5.3
PyPI

CVE-2022-3364

rdiffweb's unlimited length Fullname field can lead to DoS

HIGH 7.5
PyPI

CVE-2022-3389

rdiffweb Path Traversal vulnerability

CRITICAL 9.8
PyPI

CVE-2022-3269

rdiffweb vulnerable to account access via session fixation

HIGH 7.5
PyPI

CVE-2022-3295

rdiffweb allows unlimited length of root directory name, which could result in DoS

MEDIUM 4.3
PyPI

CVE-2022-3232

rdiffweb CSRF vulnerability in admin area can lead to deletion of repositories and users

MEDIUM 4.3
PyPI

CVE-2022-3267

rdiffweb Cross-Site Request Forgery vulnerability

MEDIUM 5.3
PyPI

CVE-2022-3250

rdiffweb has insecure HTTP cookies

HIGH 7.0
PyPI

CVE-2022-3274

rdiffweb Cross-Site Request Forgery vulnerability can lead to user email ID being changed

HIGH 8.8
PyPI

CVE-2022-3221

rdiffweb CSRF vulnerability in profile's SSH keys can lead to unauthorized access

LOW 2.4
PyPI

CVE-2022-3301

rdiffweb vulnerable to Improper Cleanup on Thrown Exception

HIGH 8.8
PyPI

CVE-2022-3167

rdiffweb vulnerable to Improper Restriction of Rendered UI Layers or Frames

MEDIUM 4.3
PyPI

CVE-2022-3233

rdiffweb CSRF could lead to disabling notifications in user profile

MEDIUM 5.3
PyPI

CVE-2022-3175

rdiffweb Missing Custom Error Page

HIGH 7.5
PyPI

CVE-2022-3174

rdiffweb vulnerable to Sensitive Cookie in HTTPS Session Without 'Secure' Attribute

HIGH 8.8
PyPI

CVE-2022-3179

rdiffweb contains Weak Password Requirements

MEDIUM 4.6
PyPI

CVE-2022-3292

rdiffweb vulnerable to Use of Cache Containing Sensitive Information

HIGH 7.5
PyPI

CVE-2022-3298

rdiffweb vulnerable to potential DoS via memory consumption

UNKNOWN
PyPI

CVE-2022-3221

CVE-2022-3221

UNKNOWN
PyPI

CVE-2022-3179

CVE-2022-3179

UNKNOWN
PyPI

CVE-2022-3175

CVE-2022-3175

UNKNOWN
PyPI

CVE-2022-3174

CVE-2022-3174

UNKNOWN
PyPI

CVE-2022-3167

CVE-2022-3167
