OpenAFS 1.6.19 and earlier allows remote attackers to obtain sensitive directory information via vectors involving the (1) client cache partition, (2) fileserver vice partition, or (3) certain RPC responses.
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-9772.json"
[ { "events": [ { "introduced": "0" }, { "last_affected": "1.6.19" } ] } ]