diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2022-02-16 13:14:04 +0100 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2022-02-16 13:14:04 +0100 |
commit | 62152b40bff0031d80b0709afa820d6ccf5e4bec (patch) | |
tree | c1df5fbdfc892aa1ee1f7344a6b3b402f6ff772c | |
parent | aecc305d12aad9233139a2523a6509efccbdcdd9 (diff) | |
parent | f571400562729ff9c1823c0dca84499145aaf009 (diff) |
Merge branch 'CVE-2019-16328'
!102
-rw-r--r-- | data/CVE/list.2019 | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/data/CVE/list.2019 b/data/CVE/list.2019 index 2a510abb8c..9faef3abdf 100644 --- a/data/CVE/list.2019 +++ b/data/CVE/list.2019 @@ -11973,7 +11973,9 @@ CVE-2019-16330 (In NCH Express Accounts Accounting v7.02, persistent cross site CVE-2019-16329 RESERVED CVE-2019-16328 (In RPyC 4.1.x through 4.1.1, a remote attacker can dynamically modify ...) - - rpyc <removed> + - rpyc <not-affected> (Vulnerable code newer in a released Debian version) + NOTE: Issue only affected 4.1.0 and 4.1.1 upstream and fixed in 4.1.2 + NOTE: https://rpyc.readthedocs.io/en/latest/docs/security.html#security CVE-2019-16327 (D-Link DIR-601 B1 2.00NA devices are vulnerable to authentication bypa ...) NOT-FOR-US: D-Link CVE-2019-16326 (D-Link DIR-601 B1 2.00NA devices have CSRF because no anti-CSRF token ...) |