diff options
| author | Salvatore Bonaccorso <carnil@debian.org> | 2022-02-16 13:13:14 +0100 |
|---|---|---|
| committer | Salvatore Bonaccorso <carnil@debian.org> | 2022-02-16 13:13:14 +0100 |
| commit | eb0e595a779d29ae6dd1ede01eb1c8fb0d268386 (patch) | |
| tree | d8ba0496b50c65f1b1c3bb309233e9a4b4aec059 | |
| parent | 170e9a13b215a71494e546d81838b9c7e476c936 (diff) | |
Add reason for not-affected and expand notes covering upstream information
| -rw-r--r-- | data/CVE/2019.list | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/data/CVE/2019.list b/data/CVE/2019.list index a759bee4cc..9faef3abdf 100644 --- a/data/CVE/2019.list +++ b/data/CVE/2019.list @@ -11973,8 +11973,9 @@ CVE-2019-16330 (In NCH Express Accounts Accounting v7.02, persistent cross site CVE-2019-16329 RESERVED CVE-2019-16328 (In RPyC 4.1.x through 4.1.1, a remote attacker can dynamically modify ...) - - rpyc <not-affected> - NOTE: Affected versions have not been packaged for Debian + - rpyc <not-affected> (Vulnerable code newer in a released Debian version) + NOTE: Issue only affected 4.1.0 and 4.1.1 upstream and fixed in 4.1.2 + NOTE: https://rpyc.readthedocs.io/en/latest/docs/security.html#security CVE-2019-16327 (D-Link DIR-601 B1 2.00NA devices are vulnerable to authentication bypa ...) NOT-FOR-US: D-Link CVE-2019-16326 (D-Link DIR-601 B1 2.00NA devices have CSRF because no anti-CSRF token ...) |