CVE-2022-3174

Missing Encryption of Sensitive Data in pypi/rdiffweb

Identifiers

GHSA-mjw4-xvx6-3grg, CVE-2022-3174

Package Slug

pypi/rdiffweb

Vulnerability

Missing Encryption of Sensitive Data

Description

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository ikus060/rdiffweb prior to 2.4.2.

Affected Versions

Version 2.4.1

Solution

Upgrade to version 2.4.2 or above.

Last Modified

2022-09-15

source