diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2022-02-16 13:14:04 +0100 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2022-02-16 13:14:04 +0100 |
commit | 3c65faefc3f3d51ca10eb615078a11f0d90e0b47 (patch) | |
tree | d847b72f03c9d447b1b3ae1ee98f7633a5a6f4e9 | |
parent | 8bcf80fe9c765befe461a6be465f01226ca7c24c (diff) | |
parent | eb0e595a779d29ae6dd1ede01eb1c8fb0d268386 (diff) |
Merge branch 'CVE-2019-16328'
!102
-rw-r--r-- | data/CVE/2019.list | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/data/CVE/2019.list b/data/CVE/2019.list index 2a510abb8c..9faef3abdf 100644 --- a/data/CVE/2019.list +++ b/data/CVE/2019.list @@ -11973,7 +11973,9 @@ CVE-2019-16330 (In NCH Express Accounts Accounting v7.02, persistent cross site CVE-2019-16329 RESERVED CVE-2019-16328 (In RPyC 4.1.x through 4.1.1, a remote attacker can dynamically modify ...) - - rpyc <removed> + - rpyc <not-affected> (Vulnerable code newer in a released Debian version) + NOTE: Issue only affected 4.1.0 and 4.1.1 upstream and fixed in 4.1.2 + NOTE: https://rpyc.readthedocs.io/en/latest/docs/security.html#security CVE-2019-16327 (D-Link DIR-601 B1 2.00NA devices are vulnerable to authentication bypa ...) NOT-FOR-US: D-Link CVE-2019-16326 (D-Link DIR-601 B1 2.00NA devices have CSRF because no anti-CSRF token ...) |