FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2025-01-14 21:31:10 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
a23871f6-059b-11eb-8758-e0d55e2a8bf9upnp -- denial of service (crash)

CVE mitre reports:

Portable UPnP SDK (aka libupnp) 1.12.1 and earlier allows remote attackers to cause a denial of service (crash) via a crafted SSDP message due to a NULL pointer dereference in the functions FindServiceControlURLPath and FindServiceEventURLPath in genlib/service_table/service_table.c.


Discovery 2020-06-04
Entry 2020-10-03
upnp
< 1.12.1_1,1

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13848
https://nvd.nist.gov/vuln/detail/CVE-2020-13848
https://github.com/pupnp/pupnp/issues/177
https://github.com/pupnp/pupnp/commit/c805c1de1141cb22f74c0d94dd5664bda37398e0
CVE-2020-13848
79fa9f23-9725-11eb-b530-7085c2fb2c14upnp -- stack overflow vulnerability

Mitre reports:

A stack overflow in pupnp 1.16.1 can cause the denial of service through the Parser_parseDocument() function. ixmlNode_free() will release a child node recursively, which will consume stack space and lead to a crash.


Discovery 2021-03-12
Entry 2021-04-06
upnp
< 1.14.5,1

CVE-2021-28302
https://github.com/pupnp/pupnp/issues/249