Home
Packages
Forums
Wiki
GitLab
Security
AUR
Download

issues
advisories
todo
stats
log
login

CVE-2020-13848 - log back

CVE-2020-13848 edited at 05 Jun 2020 13:21:29

Severity

-	Unknown
+	Medium

Remote

-	Unknown
+	Remote

Type

-	Unknown
+	Denial of service

Description

+	A NULL-pointer dereference has been found in libupnp <= 1.12.1, in the functions FindServiceControlURLPath and FindServiceEventURLPath in genlib/service_table/service_table.c, allowing a remote attacker to cause a denial of service (crash) via a crafted SSDP message.

References

+	https://github.com/pupnp/pupnp/commit/c805c1de1141cb22f74c0d94dd5664bda37398e0

Notes

CVE-2020-13848 created at 05 Jun 2020 13:19:50