{"url":"http://public2.vulnerablecode.io/api/packages/124107?format=json","purl":"pkg:apk/alpine/miniupnpd@2.2.2-r0?arch=riscv64&distroversion=v3.21&reponame=community","type":"apk","namespace":"alpine","name":"miniupnpd","version":"2.2.2-r0","qualifiers":{"arch":"riscv64","distroversion":"v3.21","reponame":"community"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/206705?format=json","vulnerability_id":"VCID-due3-vryw-8qa5","summary":"An AddPortMapping Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in upnpredirect.c.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12110","reference_id":"","reference_type":"","scores":[{"value":"0.00595","scoring_system":"epss","scoring_elements":"0.69784","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00595","scoring_system":"epss","scoring_elements":"0.69875","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00595","scoring_system":"epss","scoring_elements":"0.6989","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00595","scoring_system":"epss","scoring_elements":"0.69887","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12110"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12110","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12110"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930050","reference_id":"930050","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930050"},{"reference_url":"https://usn.ubuntu.com/4542-1/","reference_id":"USN-4542-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4542-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/124107?format=json","purl":"pkg:apk/alpine/miniupnpd@2.2.2-r0?arch=riscv64&distroversion=v3.21&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/miniupnpd@2.2.2-r0%3Farch=riscv64&distroversion=v3.21&reponame=community"}],"aliases":["CVE-2019-12110"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-due3-vryw-8qa5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/206703?format=json","vulnerability_id":"VCID-qjst-hkej-x3fn","summary":"A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in GetOutboundPinholeTimeout in upnpsoap.c for int_port.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12108","reference_id":"","reference_type":"","scores":[{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67769","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67858","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67869","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67866","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12108"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12108","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12108"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930050","reference_id":"930050","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930050"},{"reference_url":"https://usn.ubuntu.com/4542-1/","reference_id":"USN-4542-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4542-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/124107?format=json","purl":"pkg:apk/alpine/miniupnpd@2.2.2-r0?arch=riscv64&distroversion=v3.21&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/miniupnpd@2.2.2-r0%3Farch=riscv64&distroversion=v3.21&reponame=community"}],"aliases":["CVE-2019-12108"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qjst-hkej-x3fn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/206704?format=json","vulnerability_id":"VCID-r2r8-3r8z-uqdk","summary":"A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in GetOutboundPinholeTimeout in upnpsoap.c for rem_port.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12109","reference_id":"","reference_type":"","scores":[{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67769","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67858","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67869","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67866","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12109"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12109","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12109"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930050","reference_id":"930050","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930050"},{"reference_url":"https://usn.ubuntu.com/4542-1/","reference_id":"USN-4542-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4542-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/124107?format=json","purl":"pkg:apk/alpine/miniupnpd@2.2.2-r0?arch=riscv64&distroversion=v3.21&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/miniupnpd@2.2.2-r0%3Farch=riscv64&distroversion=v3.21&reponame=community"}],"aliases":["CVE-2019-12109"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r2r8-3r8z-uqdk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/206701?format=json","vulnerability_id":"VCID-tbub-9kut-uqh1","summary":"The upnp_event_prepare function in upnpevents.c in MiniUPnP MiniUPnPd through 2.1 allows a remote attacker to leak information from the heap due to improper validation of an snprintf return value.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12107","reference_id":"","reference_type":"","scores":[{"value":"0.00367","scoring_system":"epss","scoring_elements":"0.59043","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00367","scoring_system":"epss","scoring_elements":"0.59155","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00367","scoring_system":"epss","scoring_elements":"0.59167","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00367","scoring_system":"epss","scoring_elements":"0.59158","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12107"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12107","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12107"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930050","reference_id":"930050","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930050"},{"reference_url":"https://usn.ubuntu.com/4542-1/","reference_id":"USN-4542-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4542-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/124107?format=json","purl":"pkg:apk/alpine/miniupnpd@2.2.2-r0?arch=riscv64&distroversion=v3.21&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/miniupnpd@2.2.2-r0%3Farch=riscv64&distroversion=v3.21&reponame=community"}],"aliases":["CVE-2019-12107"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tbub-9kut-uqh1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/206706?format=json","vulnerability_id":"VCID-tp4q-u9nv-z7cx","summary":"A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in copyIPv6IfDifferent in pcpserver.c.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12111","reference_id":"","reference_type":"","scores":[{"value":"0.01158","scoring_system":"epss","scoring_elements":"0.78986","published_at":"2026-06-11T12:55:00Z"},{"value":"0.01158","scoring_system":"epss","scoring_elements":"0.79051","published_at":"2026-06-12T12:55:00Z"},{"value":"0.01158","scoring_system":"epss","scoring_elements":"0.79065","published_at":"2026-06-13T12:55:00Z"},{"value":"0.01158","scoring_system":"epss","scoring_elements":"0.79063","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12111"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12111","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12111"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930050","reference_id":"930050","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930050"},{"reference_url":"https://usn.ubuntu.com/4542-1/","reference_id":"USN-4542-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4542-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/124107?format=json","purl":"pkg:apk/alpine/miniupnpd@2.2.2-r0?arch=riscv64&distroversion=v3.21&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/miniupnpd@2.2.2-r0%3Farch=riscv64&distroversion=v3.21&reponame=community"}],"aliases":["CVE-2019-12111"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tp4q-u9nv-z7cx"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/miniupnpd@2.2.2-r0%3Farch=riscv64&distroversion=v3.21&reponame=community"}