** DISPUTED ** core.py in Mitogen ... CVE-2019-15149

6.8 AV AC AU C I A
发布: 2019-08-18
修订: 2019-09-10

** DISPUTED ** core.py in Mitogen before 0.2.8 has a typo that drops the unidirectional-routing protection mechanism in the case of a child that is initiated by another child. The Ansible extension is unaffected. NOTE: the vendor disputes this issue because it is exploitable only in conjunction with hypothetical other factors, i.e., an affected use case within a library caller, and a bug in the message receiver policy code that led to reliance on this extra protection mechanism.

0%
暂无可用Exp或PoC
当前有8条受影响产品信息