Headline
CVE-2022-3295
Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.4.8.
Related news
GHSA-hrj7-f62f-j7x7: rdiffweb allows unlimited length of root directory name, which could result in DoS
rdiffweb prior to 2.4.8 has no limit in length of root directory names. Allowing users to enter long strings may result in a DOS attack or memory corruption. Version 2.4.8 defines a field limit for username, email, and root directory.