CVE-2019-15149

Published: Aug 18, 2019

Modified: Aug 5, 2024

PUBLISHED

Description

core.py in Mitogen before 0.2.8 has a typo that drops the unidirectional-routing protection mechanism in the case of a child that is initiated by another child. The Ansible extension is unaffected. NOTE: the vendor disputes this issue because it is exploitable only in conjunction with hypothetical other factors, i.e., an affected use case within a library caller, and a bug in the message receiver policy code that led to reliance on this extra protection mechanism

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/dw/mitogen/commit/5924af1566763e48c42028399ea0cd95c457b3dc

x_refsource_MISC

https://mitogen.networkgenomics.com/changelog.html#v0-2-8-2019-08-18

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2019-15149

Description

Affected Products

References