Homepage
About Snyk

radicale@2.0.0rc1 vulnerabilities

CalDAV and CardDAV Server

Go back to all versions of this package
Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the radicale package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • H
Denial of Service (DoS)

Radicale is a CalDAV (calendar) and CardDAV (contact) server.

Affected versions of this package are vulnerable to Denial of Service (DoS) due to allowing the processing of XML content from un-authenticated users.

How to fix Denial of Service (DoS)?

Upgrade Radicale to version 3.0.0 or higher.

[,3.0.0)
  • H
Timing Attack

Radicale is a CalDAV (calendar) and CardDAV (contact) server.

Affected versions of this package are vulnerable to Timing Attack. It was prone to timing oracles and simple brute-force attacks when using the htpasswd authentication method.

How to fix Timing Attack?

Upgrade Radicale to version 1.1.2, 2.0.0rc2 or higher.

[,1.1.2) [2.0.0rc1,2.0.0rc2)
Go back to all versions of this package