Critical severity9.8NVD Advisory· Published Aug 18, 2019· Updated Jun 17, 2026
CVE-2019-15149
CVE-2019-15149
Description
core.py in Mitogen before 0.2.8 has a typo that drops the unidirectional-routing protection mechanism in the case of a child that is initiated by another child. The Ansible extension is unaffected. NOTE: the vendor disputes this issue because it is exploitable only in conjunction with hypothetical other factors, i.e., an affected use case within a library caller, and a bug in the message receiver policy code that led to reliance on this extra protection mechanism
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
mitogenPyPI | < 0.2.8 | 0.2.8 |
Affected products
2- Mitogen/Mitogendescription
Patches
Vulnerability mechanics
References
5- github.com/dw/mitogen/commit/5924af1566763e48c42028399ea0cd95c457b3dcnvdPatchThird Party AdvisoryWEB
- github.com/advisories/GHSA-8rf6-w2mx-4xjhghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2019-15149ghsaADVISORY
- github.com/pypa/advisory-database/tree/main/vulns/mitogen/PYSEC-2019-104.yamlghsaWEB
- mitogen.networkgenomics.com/changelog.htmlnvdRelease NotesWEB
News mentions
0No linked articles in our index yet.