Description** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: this candidate is not about any specific product, protocol, or design, that falls into the scope of the assigning CNA. Notes: None.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
ReferencesDLA-1431-1, DSA-4255-1

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
ant (PTS)stretch (security), stretch1.9.9-1+deb9u1fixed
bookworm, sid1.10.11-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs


Fixed upstream in 1.9.12 and 1.10.4
The CVE was rejected, as it was assigned by Red Hat's CNA but is out of
scope of the assigning CNA. The rejection was not due to technical invalid
issue but because it was assigned by a CNA which did not cover the scope
for ant. Would fall under Apache CNA instead.

Search for package or bug name: Reporting problems