CVE-2022-3438
First published: Mon Oct 10 2022(Updated: )
Open Redirect in GitHub repository ikus060/rdiffweb prior to 2.5.0a4.
Credit: security@huntr.dev
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Ikus-soft Rdiffweb | <2.5.0 | |
| Ikus-soft Rdiffweb | =2.5.0-alpha1 | |
| Ikus-soft Rdiffweb | =2.5.0-alpha2 | |
| Ikus-soft Rdiffweb | =2.5.0-alpha3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2022-3438?
CVE-2022-3438 is an open redirect vulnerability in the GitHub repository ikus060/rdiffweb prior to version 2.5.0a4.
How does CVE-2022-3438 affect Ikus-soft Rdiffweb?
CVE-2022-3438 affects Ikus-soft Rdiffweb versions up to and including 2.5.0-alpha3.
What is the severity rating of CVE-2022-3438?
The severity rating of CVE-2022-3438 is medium (6.1).
How can I fix CVE-2022-3438?
To fix CVE-2022-3438, update Ikus-soft Rdiffweb to version 2.5.0a4 or later.
Where can I find more information about CVE-2022-3438?
More information about CVE-2022-3438 can be found at the following references: [Link 1](https://github.com/ikus060/rdiffweb/commit/4d464b467f14b8eb9103d7f5f0774e49995527c7), [Link 2](https://huntr.dev/bounties/bc5689e4-221a-4200-a8ab-42c659f89f67).
- collector/nvd-index
- vendor/ikus-soft
- canonical/ikus-soft rdiffweb
- version/ikus-soft rdiffweb/2.5.0-alpha1
- version/ikus-soft rdiffweb/2.5.0-alpha2
- version/ikus-soft rdiffweb/2.5.0-alpha3