Radicale : Security Vulnerabilities, CVEs, Published In 2016
The filesystem storage backend in Radicale before 1.1 on Windows allows remote attackers to read or write to arbitrary files via a crafted path, as demonstrated by /c:/file/ignore.
Max CVSS
10.0
EPSS Score
0.48%
Published
2016-02-03
Updated
2016-11-28
Radicale before 1.1 allows remote authenticated users to bypass owner_write and owner_only limitations via regex metacharacters in the user name, as demonstrated by ".*".
Max CVSS
5.3
EPSS Score
0.67%
Published
2016-02-03
Updated
2016-12-06
The multifilesystem storage backend in Radicale before 1.1 allows remote attackers to read or write to arbitrary files via a crafted component name.
Max CVSS
10.0
EPSS Score
0.51%
Published
2016-02-03
Updated
2016-12-06
3 vulnerabilities found