GHSA-486g-47cc-8wxf: aiocpa contains credential harvesting code

GHSA-93ww-43rr-79v3: Keycloak mTLS Authentication Bypass via Reverse Proxy TLS Termination 

GHSA-jgwc-jh89-rpgq: Keycloak proxy header handling Denial-of-Service (DoS) vulnerability

GHSA-xg58-75qf-9r67: Cilium's Layer 7 policy enforcement may not occur in policies with wildcarded port ranges

GHSA-qqwr-j9mm-fhw6: deno_doc's HTML generator vulnerable to Cross-site Scripting

rdiffweb prior to 2.4.5 is vulnerable to Cross-Site Request Forgery (CSRF). An attacker exploiting this vulnerability can use it to delete repositories and users.

1.  GitHub Advisory Database
2.  GitHub Reviewed
3.  CVE-2022-3232

**rdiffweb CSRF vulnerability in admin area can lead to deletion of repositories and users**

Moderate severity GitHub Reviewed Published Sep 18, 2022 • Updated Sep 20, 2022

**Package**

pip rdiffweb (pip)

**Affected versions**

< 2.4.5

**Description**

Headline

GHSA-cw2v-wv4g-w4p6: rdiffweb CSRF vulnerability in admin area can lead to deletion of repositories and users

Related news

ghsa: Latest News