Base Score

LOW2.4

CVE-2022-3301

Improper Cleanup on Thrown Exception in GitHub repository ikus060/rdiffweb prior to 2.4.8.

VectorNETWORK

Published Bysecurity@huntr.dev

Published DateSep 26, 2022, 11:15

Affected Versions(1)

rdiffweb(PyPI)

Introduced0

Fixed2.4.8

LimitN/A

Package (Ecosystem)	Introduced	Fixed	Limit
rdiffweb(PyPI)	0	2.4.8	N/A

Weakness Type (CWE):CWE-460

CVSS Metrics

Base Score

2.4

Vector String

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N

Base Severity

LOW

Version

3.1

Attack Vector (AV)

NETWORK

Attack Complexity (AC)

LOW

Privileges Required (PR)

HIGH

User Interaction (UI)

REQUIRED

Scope (S)

UNCHANGED

Confidentiality (C)

NONE

Integrity (I)

LOW

Availability (A)

NONE

References

https://github.com/ikus060/rdiffweb/commit/5ac38b2a75becbab9f948bd5e37ecbcd9f0b362e
https://huntr.dev/bounties/d3bf1e5d-055a-44b8-8d60-54ab966ed63a

Base Score

LOW2.4

Weakness Type (CWE):CWE-460

CVSS Metrics

Base Score

2.4

Vector String

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N

Base Severity

LOW

Version

3.1

Attack Vector (AV)

NETWORK

Attack Complexity (AC)

LOW

Privileges Required (PR)

HIGH

User Interaction (UI)

REQUIRED

Scope (S)

UNCHANGED

Confidentiality (C)

NONE

Integrity (I)

LOW

Availability (A)

NONE