Index: security/vuxml/vuln.xml =================================================================== --- security/vuxml/vuln.xml +++ security/vuxml/vuln.xml @@ -76,6 +76,36 @@ * Do not forget port variants (linux-f10-libxml2, libxml2, etc.) --> + + upnp -- stack overflow vulnerability + + + upnp + 1.14.5,1 + + + + +

Mitre reports:

+
+ A stack overflow in pupnp 1.16.1 can cause the denial of service through the + Parser_parseDocument() function. ixmlNode_free() will release a child node + recursively, which will consume stack space and lead to a crash. +
+

+ + + + CVE-2021-28302 + https://github.com/pupnp/pupnp/issues/249 + + + 2021-03-12 + 2021-04-06 + + + ruby -- XML round-trip vulnerability in REXML