Vulnerabilities > Radicale

DATE CVE VULNERABILITY TITLE RISK
2017-04-30 CVE-2017-8342 Race Condition vulnerability in Radicale
Radicale before 1.1.2 and 2.x before 2.0.0rc2 is prone to timing oracles and simple brute-force attacks when using the htpasswd authentication method.
network
radicale CWE-362
4.3
2016-02-03 CVE-2016-1505 Pathname Traversal and Equivalence Errors vulnerability in Radicale 1.0/1.0.1
The filesystem storage backend in Radicale before 1.1 on Windows allows remote attackers to read or write to arbitrary files via a crafted path, as demonstrated by /c:/file/ignore.
network
low complexity
radicale microsoft CWE-21
7.5
2016-02-03 CVE-2015-8748 Permissions, Privileges, and Access Controls vulnerability in Radicale 1.0/1.0.1
Radicale before 1.1 allows remote authenticated users to bypass owner_write and owner_only limitations via regex metacharacters in the user name, as demonstrated by ".*".
network
low complexity
radicale CWE-264
5.0
2016-02-03 CVE-2015-8747 Improper Input Validation vulnerability in Radicale 1.0/1.0.1
The multifilesystem storage backend in Radicale before 1.1 allows remote attackers to read or write to arbitrary files via a crafted component name.
network
low complexity
radicale CWE-20
7.5