CVE-2019-16235

Dino before 2019-09-10 does not properly check the source of a carbons message in module/xep/0280_message_carbons.vala.

The product does not properly verify that the source of data or communication is valid.

Name	Vendor	Start Version	End Version
Dino	Dino	*	0.1.0 (excluding)
Dino-im	Ubuntu	bionic	*
Dino-im	Ubuntu	devel	*
Dino-im	Ubuntu	disco	*
Dino-im	Ubuntu	eoan	*
Dino-im	Ubuntu	esm-apps/focal	*
Dino-im	Ubuntu	esm-apps/jammy	*
Dino-im	Ubuntu	esm-apps/noble	*
Dino-im	Ubuntu	focal	*
Dino-im	Ubuntu	groovy	*
Dino-im	Ubuntu	hirsute	*
Dino-im	Ubuntu	impish	*
Dino-im	Ubuntu	jammy	*
Dino-im	Ubuntu	kinetic	*
Dino-im	Ubuntu	lunar	*
Dino-im	Ubuntu	mantic	*
Dino-im	Ubuntu	noble	*
Dino-im	Ubuntu	oracular	*
Dino-im	Ubuntu	trusty	*

NVD	https://nvd.nist.gov/vuln/detail/CVE-2019-16235
CWE	https://cwe.mitre.org/data/definitions/346.html

Origin Validation Error