CVE-2022-3364: 
Python vulnerability analysis and mitigation

CVE-2022-3364 is a vulnerability identified in the GitHub repository ikus060/rdiffweb versions prior to 2.5.0a3. The vulnerability is classified as an Allocation of Resources Without Limits or Throttling issue. It was disclosed on September 29, 2022, affecting the rdiffweb software package (NVD).

The vulnerability has been assigned a CVSS v3.1 base score of 7.5 (HIGH) by NVD with vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H, while huntr.dev assessed it with a score of 5.3 (MEDIUM) with vector string CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L. The vulnerability is categorized under CWE-770 (Allocation of Resources Without Limits or Throttling) (NVD).

The vulnerability affects the availability of the system by allowing unrestricted resource allocation, which could potentially lead to denial of service conditions. The CVSS scoring indicates that while there is no impact on confidentiality or integrity, there is a significant impact on system availability (NVD).

The vulnerability has been patched in version 2.5.0a3 of rdiffweb. Users are advised to upgrade to this version or later to mitigate the vulnerability. The fix was implemented through a commit that addresses the resource allocation issue (GitHub Commit).