The upnp_event_prepare function in upnpevents.c in MiniUPnP MiniUPnPd
through 2.1 allows a remote attacker to leak information from the heap due
to improper validation of an snprintf return value.
github.com/miniupnp/miniupnp/commit/bec6ccec63cadc95655721bc0e1dd49dac759d94
launchpad.net/bugs/cve/CVE-2019-12107
nvd.nist.gov/vuln/detail/CVE-2019-12107
security-tracker.debian.org/tracker/CVE-2019-12107
ubuntu.com/security/notices/USN-4542-1
www.cve.org/CVERecord?id=CVE-2019-12107
www.vdoo.com/blog/security-issues-discovered-in-miniupnp