VDB

GCVE-VVD-MAGEIA-2021-319

GCVE-VVD-MAGEIA-2021-319
Advisory Published
Vulnetix · Advisory published July 8, 2021
The Portable SDK for UPnP Devices is an SDK for development of UPnP device and control point applications. The server part of pupnp (libupnp) appears to be vulnerable to DNS rebinding attacks because it does not check the value of the 'Host' header. This can be mitigated by using DNS revolvers which block DNS-rebinding attacks. The vulnerability is fixed in version 1.14.6 and later (CVE-2021-29462).
Download JSON Open in Console

Affected Products

VendorProductVersionsPlatforms
Mageialibupnp0 (affected), 1.8.4-3.2.mga7 (unaffected)
Mageialibupnp0 (affected), 1.14.6-1.mga8 (unaffected)

Aliases

CVE-2021-29462

Transitive aliases

VVD-GENTOO-2021-784590EUVD-2021-16073

References

Updated libupnp packages fix a security vulnerability
advisory
Updated libupnp packages fix a security vulnerability
issue
Updated libupnp packages fix a security vulnerability
issue

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON
$ Console Community · 100/wk Open console ›