CVE-2019-12107

Priority
Description
The upnp_event_prepare function in upnpevents.c in MiniUPnP MiniUPnPd
through 2.1 allows a remote attacker to leak information from the heap due
to improper validation of an snprintf return value.
Notes
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (1.8.20140523-4.1+deb9u2build0.16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):needs-triage
Ubuntu 20.04 LTS (Focal Fossa):not-affected (2.1-6ubuntu2)
Ubuntu 20.10 (Groovy Gorilla):not-affected (2.1-6ubuntu2)
More Information

Updated: 2020-09-26 02:17:04 UTC (commit dabd3af71e401b9fb6a4a072047eea5835e510be)