The upnpeventprepare function in upnpevents.c in MiniUPnP MiniUPnPd through 2.1 allows a remote attacker to leak information from the heap due to improper validation of an snprintf return value.
{ "binaries": [ { "binary_version": "1.8.20140523-4.1+deb9u2build0.16.04.1", "binary_name": "miniupnpd" } ], "ubuntu_priority": "medium", "availability": "No subscription required" }
{ "ubuntu_priority": "medium" }
{ "binaries": [ { "binary_version": "2.1-6ubuntu2", "binary_name": "miniupnpd" }, { "binary_version": "2.1-6ubuntu2", "binary_name": "miniupnpd-dbgsym" } ], "ubuntu_priority": "medium", "availability": "No subscription required" }