CVE-2022-3175

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions rdiffweb versions prior to 2.4.2

Description The issue concerns a missing custom error page in the GitHub repository ikus060/rdiffweb. This results in the leakage of error information. The problem is resolved in version 2.4.2.

Recommendations For versions prior to 2.4.2, update to version 2.4.2 to resolve the issue.

Exploit

Fix

Improper Handling of Exceptional Conditions

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-755CWE-756

Related Identifiers

CVE-2022-3175

GHSA-CH4C-278Q-5654

PYSEC-2022-273

Affected Products

Rdiffweb

CVE-2022-3175

Weakness Enumeration

Related Identifiers

Affected Products

References · 12