Описание
rdiffweb allows a new password to be the same as the previous password
rdiffweb prior to 2.5.0a4 allows users to set their new password to be the same as the old password during a password reset. Version 2.5.0a4 enforces a password policy in which a new password cannot be the same as the old one.
Пакеты
Наименование
rdiffweb
pip
Затронутые версииВерсия исправления
< 2.5.0
2.5.0
Связанные уязвимости
CVSS3: 5.3
nvd
больше 3 лет назад
Weak Password Requirements in GitHub repository ikus060/rdiffweb prior to 2.5.0a4.
CVSS3: 5.3
debian
больше 3 лет назад
Weak Password Requirements in GitHub repository ikus060/rdiffweb prior ...