FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

upnp -- stack overflow vulnerability

Affected packages
upnp < 1.14.5,1

Details

VuXML ID 79fa9f23-9725-11eb-b530-7085c2fb2c14
Discovery 2021-03-12
Entry 2021-04-06

Mitre reports:

A stack overflow in pupnp 1.16.1 can cause the denial of service through the Parser_parseDocument() function. ixmlNode_free() will release a child node recursively, which will consume stack space and lead to a crash.

[source]

References

CVE Name CVE-2021-28302
URL https://github.com/pupnp/pupnp/issues/249

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.