The vulnerability stemmed from missing or improperly scoped rate limits on security-sensitive endpoints. The patch added or changed rate-limit decorators in these functions to enforce hourly limits (instead of per-minute limits) and method-specific restrictions (POST). Pre-patch versions lacked these protections:
| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| rdiffweb | pip | < 2.5.0 | 2.5.0 |
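
The effect of moving from a per-minute to an hourly limit that counts only POST requests can be seen in a small simulation. This is an added example, not rdiffweb's code: the `ratelimit` decorator, the `login` handler, the limit of 20 and the client address are assumptions constructed for illustration.

```python
import time
from collections import defaultdict, deque
from functools import wraps


class RateLimitExceeded(Exception):
    """Raised when a client is over the limit; a web app would answer HTTP 429."""


def ratelimit(limit, window_seconds, methods=("POST",), clock=time.monotonic):
    """Allow `limit` requests per client per sliding window, counting only `methods`."""
    hits = defaultdict(deque)  # client id -> timestamps of accepted, counted requests
    def decorator(handler):
        @wraps(handler)
        def wrapper(client, method):
            if method.upper() in methods:
                now = clock()
                recent = hits[client]
                while recent and now - recent[0] >= window_seconds:
                    recent.popleft()  # forget requests older than the window
                if len(recent) >= limit:
                    raise RateLimitExceeded(f"{client}: over {limit} per {window_seconds}s")
                recent.append(now)
            return handler(client, method)
        return wrapper
    return decorator


def accepted_in_one_hour(limit, window_seconds):
    """One client submits the form once per second for an hour; count accepted POSTs."""
    fake_now = [0.0]  # simulated clock so the example runs instantly
    client = "203.0.113.7"  # constructed address from the documentation range

    @ratelimit(limit, window_seconds, clock=lambda: fake_now[0])
    def login(client, method):
        return "form rendered" if method == "GET" else "credentials checked"

    accepted = 0
    for second in range(3600):
        fake_now[0] = float(second)
        login(client, "GET")  # displaying the form is not counted against the limit
        try:
            login(client, "POST")
            accepted += 1
        except RateLimitExceeded:
            pass
    return accepted


if __name__ == "__main__":
    print(accepted_in_one_hour(20, 60), accepted_in_one_hour(20, 3600))
```

With the same numeric limit, the per-minute window still lets 1200 submissions through in an hour, while the hourly window lets 20 through.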