13 matches found
xtlib (>=0.0.176 <=0.0.996) potentially affected by CVE-2019-16328 via rpyc (=4.1.0)
rpyc PYPI version =4.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on rpyc and may be impacted: - xtlib =0.0.176, =0.0.996 Source cves: CVE-2019-16328 Source advisory: OSV:GHSA-PJ4G-4488-WMXM...
GHSA-PJ4G-4488-WMXM Dynamic modification of RPyC service due to missing security check
Impact Version 4.1.0 of RPyC has a vulnerability that affects custom RPyC services making it susceptible to authenticated remote attacks. Patches Git commits between September 2018 and October 2019 and version 4.1.0 are vulnerable. Use a version of RPyC that is not affected. Workarounds The commi...
Dynamic modification of RPyC service due to missing security check
Impact Version 4.1.0 of RPyC has a vulnerability that affects custom RPyC services making it susceptible to authenticated remote attacks. Patches Git commits between September 2018 and October 2019 and version 4.1.0 are vulnerable. Use a version of RPyC that is not affected. Workarounds The commi...
CVE-2019-16328
creationtimestamp| type| source ---|---|--- 2021-02-16 23:23:57+00:00| published-proof-of-concept| https://github.com/tomerfiliba-org/rpyc/security/advisories/GHSA-pj4g-4488-wmxm 2023-06-14 22:53:56+00:00| seen|...
Security update for python-rpyc (moderate)
openSUSE Security Update: Security update for python-rpyc Announcement ID: openSUSE-SU-2020:0763-1 Rating: moderate References: 1152987 Cross-References: CVE-2019-16328 Affected Products: openSUSE Backports SLE-15-SP1 An update that fixes one vulnerability is now available. Description: This upda...
openSUSE Security Update : python-rpyc (openSUSE-2020-685)
This update for python-rpyc to 4.1.5 fixes the following issues : Security issue fixed : - CVE-2019-16328: Fixed a missing protocol security check that could have led to code execution boo1152987. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extract...
openSUSE: Security Advisory for python-rpyc (openSUSE-SU-2020:0685-1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
OPENSUSE-SU-2020:0685-1 Security update for python-rpyc
This update for python-rpyc to 4.1.5 fixes the following issues: Security issue fixed: - CVE-2019-16328: Fixed a missing protocol security check that could have led to code execution boo1152987...
CVE-2019-16328
In RPyC 4.1.x through 4.1.1, a remote attacker can dynamically modify object attributes to construct a remote procedure call that executes code for an RPyC service with default configuration settings...
CVE-2019-16328
In RPyC 4.1.x through 4.1.1, a remote attacker can dynamically modify object attributes to construct a remote procedure call that executes code for an RPyC service with default configuration settings...
CVE-2019-16328
In RPyC 4.1.x through 4.1.1, a remote attacker can dynamically modify object attributes to construct a remote procedure call that executes code for an RPyC service with default configuration settings...
xtlib (>=0.0.176 <=0.0.996) potentially affected by CVE-2019-16328 via rpyc (=4.1.0)
rpyc PYPI version =4.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on rpyc and may be impacted: - xtlib =0.0.176, =0.0.996 Source cves: CVE-2019-16328 Source advisory: OSV:PYSEC-2019-118...
CVE-2019-16328
CVE-2019-16328 affects RPyC 4.1.0–4.1.1 where a missing protocol security check allowed a remote attacker to construct a remote procedure call that could execute code in a custom RPyC service. OpenSUSE advisories confirm the issue is fixed in python-rpyc 4.1.5 (openSUSE-SU-2020:0763-1) and cite a...