rdiffweb vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the rdiffweb package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
M Open Redirect	[,2.5.1)
M Brute Force	[,2.4.4)
H Allocation of Resources Without Limits or Throttling	[,2.8.4)
M Allocation of Resources Without Limits or Throttling	[,2.8.1)
M Failure to Sanitize Special Elements into a Different Plane (Special Element Injection)	[,2.5.5)
M Open Redirect	[,2.5.5)
M Business Logic Errors	[,2.5.5)
H Authentication Bypass by Primary Weakness	[,2.5.5)
M Access Control Bypass	[,2.5.5)
M Allocation of Resources Without Limits or Throttling	[,2.5.5)
M Cross-site Request Forgery (CSRF)	[,2.5.4)
M Open Redirect	[,2.5.4)
M Improper Privilege Management	[,2.5.2)
M Missing Authentication for Critical Function	[,2.5.0)
M Insufficient Session Expiration	[,2.5.0a8)
L Business Logic Errors	[,2.5.0a7)
M Insufficient Session Expiration	[,2.5.0a7)
M Allocation of Resources Without Limits or Throttling	[,2.5.0a7)
M Allocation of Resources Without Limits or Throttling	[,2.5.0a7)
L Origin Validation Error	[,2.5.0a7)
M Open Redirect	[,2.5.0a7)
H Directory Traversal	[,2.4.10)
M Weak Password Requirements	[,2.5.0a7)
M Allocation of Resources Without Limits or Throttling	[,2.5.0a7)
M Allocation of Resources Without Limits or Throttling	[,2.5.0a7)
M Allocation of Resources Without Limits or Throttling	[,2.5.0a7)
M Use of Cache Containing Sensitive Information	[,2.4.9)
M Weak Password Requirements	[,2.4.9)
M Improper Handling of Length Parameter Inconsistency	[,2.4.8)
M Improper Handling of Length Parameter Inconsistency	[,2.4.8)
M Allocation of Resources Without Limits or Throttling	[,2.4.8)
M Allocation of Resources Without Limits or Throttling	[,2.4.8)
M Improper Cleanup on Thrown Exception	[2.4.6,2.4.8)
M Session Fixation	[,2.4.7)
M Sensitive Cookie in HTTPS Session Without "Secure" Attribute	[0,2.4.6)
M Cross-site Request Forgery (CSRF)	[0,2.4.7)
M Cross-site Request Forgery (CSRF)	[,2.4.7)
M Cross-site Request Forgery (CSRF)	[0,2.4.6)
M Cross-site Request Forgery (CSRF)	[,2.4.5)
H Cross-site Request Forgery (CSRF)	[,2.4.3)
M Weak Password Requirements	[,2.4.2)
M Information Exposure	[,2.4.2)
M Sensitive Cookie in HTTPS Session Without 'Secure' Attribute	[,2.4.2)
M Improper Restriction of Rendered UI Layers or Frames (Clickjacking)	[,2.4.1)

Vulnerability

Vulnerable Version

Open Redirect

[,2.5.1)

Brute Force

[,2.4.4)

Allocation of Resources Without Limits or Throttling

[,2.8.4)

Allocation of Resources Without Limits or Throttling

[,2.8.1)

Failure to Sanitize Special Elements into a Different Plane (Special Element Injection)

[,2.5.5)

Open Redirect

[,2.5.5)

Business Logic Errors

[,2.5.5)

Authentication Bypass by Primary Weakness

[,2.5.5)

Access Control Bypass

[,2.5.5)

Allocation of Resources Without Limits or Throttling

[,2.5.5)

Cross-site Request Forgery (CSRF)

[,2.5.4)

Open Redirect

[,2.5.4)

Improper Privilege Management

[,2.5.2)

Missing Authentication for Critical Function

[,2.5.0)

Insufficient Session Expiration

[,2.5.0a8)

Business Logic Errors

[,2.5.0a7)

Insufficient Session Expiration

[,2.5.0a7)

Allocation of Resources Without Limits or Throttling

[,2.5.0a7)

Allocation of Resources Without Limits or Throttling

[,2.5.0a7)

Origin Validation Error

[,2.5.0a7)

Open Redirect

[,2.5.0a7)

Directory Traversal

[,2.4.10)

Weak Password Requirements

[,2.5.0a7)

Allocation of Resources Without Limits or Throttling

[,2.5.0a7)

Allocation of Resources Without Limits or Throttling

[,2.5.0a7)

Allocation of Resources Without Limits or Throttling

[,2.5.0a7)

Use of Cache Containing Sensitive Information

[,2.4.9)

Weak Password Requirements

[,2.4.9)

Improper Handling of Length Parameter Inconsistency

[,2.4.8)

Improper Handling of Length Parameter Inconsistency

[,2.4.8)

Allocation of Resources Without Limits or Throttling

[,2.4.8)

Allocation of Resources Without Limits or Throttling

[,2.4.8)

Improper Cleanup on Thrown Exception

[2.4.6,2.4.8)

Session Fixation

[,2.4.7)

Sensitive Cookie in HTTPS Session Without "Secure" Attribute

[0,2.4.6)

Cross-site Request Forgery (CSRF)

[0,2.4.7)

Cross-site Request Forgery (CSRF)

[,2.4.7)

Cross-site Request Forgery (CSRF)

[0,2.4.6)

Cross-site Request Forgery (CSRF)

[,2.4.5)

Cross-site Request Forgery (CSRF)

[,2.4.3)

Weak Password Requirements

[,2.4.2)

Information Exposure

[,2.4.2)

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute

[,2.4.2)

Improper Restriction of Rendered UI Layers or Frames (Clickjacking)

[,2.4.1)

Package versions

145 VERSIONS IN TOTAL See all versions

version	published	direct vulnerabilities
2.10.6	2 Oct, 2025	0 C 0 H 0 M 0 L
2.10.5	20 Jun, 2025	0 C 0 H 0 M 0 L
2.10.4	13 Jun, 2025	0 C 0 H 0 M 0 L
2.10.4b2	30 May, 2025	0 C 0 H 0 M 0 L
2.10.4b1	23 May, 2025	0 C 0 H 0 M 0 L
2.10.3b1	24 Apr, 2025	0 C 0 H 0 M 0 L
2.9.7	20 Feb, 2025	0 C 0 H 0 M 0 L
2.9.5	11 Nov, 2024	0 C 0 H 0 M 0 L
2.9.4	25 Oct, 2024	0 C 0 H 0 M 0 L
2.9.3	7 Aug, 2024	0 C 0 H 0 M 0 L

rdiffweb vulnerabilities

A web interface to rdiff-backup repositories.

latest version

latest non vulnerable version

first published

latest version published

licenses detected

Direct Vulnerabilities

Fix vulnerabilities automatically

Package versions