diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2022-02-16 13:13:14 +0100 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2022-02-16 13:13:14 +0100 |
commit | f571400562729ff9c1823c0dca84499145aaf009 (patch) | |
tree | b8b44771a811f6a3143ab156bba9dff4bf17c899 | |
parent | a96b10036ca7b9c56a4c38af9e54a5deba2d2b0e (diff) |
Add reason for not-affected and expand notes covering upstream information
-rw-r--r-- | data/CVE/list.2019 | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/data/CVE/list.2019 b/data/CVE/list.2019 index a759bee4cc..9faef3abdf 100644 --- a/data/CVE/list.2019 +++ b/data/CVE/list.2019 @@ -11973,8 +11973,9 @@ CVE-2019-16330 (In NCH Express Accounts Accounting v7.02, persistent cross site CVE-2019-16329 RESERVED CVE-2019-16328 (In RPyC 4.1.x through 4.1.1, a remote attacker can dynamically modify ...) - - rpyc <not-affected> - NOTE: Affected versions have not been packaged for Debian + - rpyc <not-affected> (Vulnerable code newer in a released Debian version) + NOTE: Issue only affected 4.1.0 and 4.1.1 upstream and fixed in 4.1.2 + NOTE: https://rpyc.readthedocs.io/en/latest/docs/security.html#security CVE-2019-16327 (D-Link DIR-601 B1 2.00NA devices are vulnerable to authentication bypa ...) NOT-FOR-US: D-Link CVE-2019-16326 (D-Link DIR-601 B1 2.00NA devices have CSRF because no anti-CSRF token ...) |