Описание
ELSA-2021-2417: gupnp security update (IMPORTANT)
[1.0.2-6]
- gupnp-1.0.3-3
- Fix DNS rebind issue
- Resolves: #1964706
Обновленные пакеты
Oracle Linux 7
Oracle Linux aarch64
gupnp
1.0.2-6.el7_9
gupnp-devel
1.0.2-6.el7_9
gupnp-docs
1.0.2-6.el7_9
Oracle Linux x86_64
gupnp
1.0.2-6.el7_9
gupnp-devel
1.0.2-6.el7_9
gupnp-docs
1.0.2-6.el7_9
Связанные CVE
Связанные уязвимости
An issue was discovered in GUPnP before 1.0.7 and 1.1.x and 1.2.x before 1.2.5. It allows DNS rebinding. A remote web server can exploit this vulnerability to trick a victim's browser into triggering actions against local UPnP services implemented using this library. Depending on the affected service, this could be used for data exfiltration, data tempering, etc.
An issue was discovered in GUPnP before 1.0.7 and 1.1.x and 1.2.x before 1.2.5. It allows DNS rebinding. A remote web server can exploit this vulnerability to trick a victim's browser into triggering actions against local UPnP services implemented using this library. Depending on the affected service, this could be used for data exfiltration, data tempering, etc.
An issue was discovered in GUPnP before 1.0.7 and 1.1.x and 1.2.x before 1.2.5. It allows DNS rebinding. A remote web server can exploit this vulnerability to trick a victim's browser into triggering actions against local UPnP services implemented using this library. Depending on the affected service, this could be used for data exfiltration, data tempering, etc.
An issue was discovered in GUPnP before 1.0.7 and 1.1.x and 1.2.x befo ...
