RSS   Vulnerabilities for 'Mitogen'   RSS

2019-08-18
 
CVE-2019-15149

CWE-254
 

 
** DISPUTED ** core.py in Mitogen before 0.2.8 has a typo that drops the unidirectional-routing protection mechanism in the case of a child that is initiated by another child. The Ansible extension is unaffected. NOTE: the vendor disputes this issue because it is exploitable only in conjunction with hypothetical other factors, i.e., an affected use case within a library caller, and a bug in the message receiver policy code that led to reliance on this extra protection mechanism.

 


Copyright 2024, cxsecurity.com

 

Back to Top