VulnerableCode Package Details - pkg:deb/debian/miniupnpd@2.1-6

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-bgk8-m1nq-27f4	Uninitialized stack variable vulnerability in NameValueParserEndElt (upnpreplyparse.c) in miniupnpd < 2.0 allows an attacker to cause Denial of Service (Segmentation fault and Memory Corruption) or possibly have unspecified other impact	CVE-2017-1000494
VCID-due3-vryw-8qa5	An AddPortMapping Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in upnpredirect.c.	CVE-2019-12110
VCID-qjst-hkej-x3fn	A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in GetOutboundPinholeTimeout in upnpsoap.c for int_port.	CVE-2019-12108
VCID-r2r8-3r8z-uqdk	A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in GetOutboundPinholeTimeout in upnpsoap.c for rem_port.	CVE-2019-12109
VCID-tbub-9kut-uqh1	The upnp_event_prepare function in upnpevents.c in MiniUPnP MiniUPnPd through 2.1 allows a remote attacker to leak information from the heap due to improper validation of an snprintf return value.	CVE-2019-12107
VCID-tp4q-u9nv-z7cx	A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in copyIPv6IfDifferent in pcpserver.c.	CVE-2019-12111

Vulnerability

Summary

Aliases

VCID-bgk8-m1nq-27f4

Uninitialized stack variable vulnerability in NameValueParserEndElt (upnpreplyparse.c) in miniupnpd < 2.0 allows an attacker to cause Denial of Service (Segmentation fault and Memory Corruption) or possibly have unspecified other impact

CVE-2017-1000494

VCID-due3-vryw-8qa5

An AddPortMapping Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in upnpredirect.c.

CVE-2019-12110

VCID-qjst-hkej-x3fn

A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in GetOutboundPinholeTimeout in upnpsoap.c for int_port.

CVE-2019-12108

VCID-r2r8-3r8z-uqdk

A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in GetOutboundPinholeTimeout in upnpsoap.c for rem_port.

CVE-2019-12109

VCID-tbub-9kut-uqh1

The upnp_event_prepare function in upnpevents.c in MiniUPnP MiniUPnPd through 2.1 allows a remote attacker to leak information from the heap due to improper validation of an snprintf return value.

CVE-2019-12107

VCID-tp4q-u9nv-z7cx

A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in copyIPv6IfDifferent in pcpserver.c.

CVE-2019-12111

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-13T12:04:16.933108+00:00	Debian Oval Importer	Fixing	VCID-tbub-9kut-uqh1	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.6.0
2026-06-13T10:12:23.251766+00:00	Debian Oval Importer	Fixing	VCID-bgk8-m1nq-27f4	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.6.0
2026-06-13T08:36:59.619528+00:00	Debian Oval Importer	Fixing	VCID-due3-vryw-8qa5	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.6.0
2026-06-13T07:05:40.911705+00:00	Debian Oval Importer	Fixing	VCID-qjst-hkej-x3fn	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.6.0
2026-06-13T03:57:48.374091+00:00	Debian Oval Importer	Fixing	VCID-tp4q-u9nv-z7cx	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.6.0
2026-06-13T02:37:20.227437+00:00	Debian Oval Importer	Fixing	VCID-r2r8-3r8z-uqdk	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.6.0